Bookmarks
Everything Cyber
Education/Higher Learning Stuff
Georgia Tech
Software And Discounts
- GT Office of Information Technology | Information Technology
- Software Distribution
- Microsoft Office Home
- Sign In | Georgia Institute of Technology - College of Computing | Academic Software Discounts
- Georgia Institute of Technology | Academic Software Discounts
- Education | Software - Microsoft Azure
- Specializations | OMSCS | Georgia Institute of Technology | Atlanta, GA
- /r/OMSCS
- OMSCentral
- Georgia Tech - GitHub
- BuzzPort Login
- Georgia Tech - Canvas
- Sign In - Udacity
- OMSCS Notes · Clear, organized and free OMSCS lecture summaries. Happy studying!
- Bits, Bytes, Late Nights
- Georgia Tech Library
- Home | OMSCS | Georgia Institute of Technology | Atlanta, GA
- Veterans Forms | Registrar's Office | Georgia Tech
- SSlab - Systems Software and Security Lab
- Tentative Five-Term Institute Calendar | Registrar's Office | Georgia Tech
- Holds - Georgia Tech Library - OverDrive
- Free Books/Audio Books - Georgia Tech Library - OverDrive
- F21 Masters Seating.pdf
- Graduation Bag Policy
- Parking and Transit | Commencement
- Student RSVP for Commencement | Commencement
JHU
Post Masters Certificate or Second Masters
Computer Science
- 605.615 Compiler Design with LLVM (Shell, A.) | Engineering for Professionals | Johns Hopkins
- Programming Languages | Johns Hopkins Engineering Online
- 605.617 Introduction to GPU Programming (Pascale, C.) | Johns Hopkins Engineering Online
- 605.715 Software Development for Real-Time Embedded Systems (Ferguson, D.) | Johns Hopkins University Engineering for Professionals
- 605.631 Statistical Methods for Computer Science (Johnson, T., McCulloh, I.) | Johns Hopkins Engineering Online
- Data Visualization | Johns Hopkins Engineering Online
- Computer Science Certificate Reqs | Johns Hopkins Engineering Online
Electrical And Computer Engineering
- Electrical and Computer Engineering | Johns Hopkins University Engineering for Professionals
- 525.642 - FPGA Design Using VHDL | Johns Hopkins University Engineering for Professionals
- 525.612 - Computer Architecture | Johns Hopkins University Engineering for Professionals
- 525.615 - Embedded Microprocessor Systems | Johns Hopkins University Engineering for Professionals
- 525.742 - System-on-a-Chip FPGA Design Laboratory | Johns Hopkins University Engineering for Professionals
- 525.743 - Embedded Systems Development Laboratory | Johns Hopkins University Engineering for Professionals
- 525.658 - Digital VLSI System Design | Johns Hopkins University Engineering for Professionals
- 525.607 - Introduction to Electronic Packaging | Johns Hopkins University Engineering for Professionals
- 525.659 - Mixed-Mode VLSI Circuit Design | Johns Hopkins University Engineering for Professionals
- 525.643 - Real-Time Computer Vision | Johns Hopkins University Engineering for Professionals
- 525.614 - Probability and Stochastic Processes for Engineers | Johns Hopkins University Engineering for Professionals
- 525.724 - Introduction to Pattern Recognition | Johns Hopkins University Engineering for Professionals
- 525.801 - Special Project I | Johns Hopkins University Engineering for Professionals
Cybersecurity
- Cybersecurity | Johns Hopkins University Engineering for Professionals
- 695.742 - Digital Forensics Technologies and Techniques | Johns Hopkins University Engineering for Professionals
- 695.749 Cyber Exercise (Rosenberg, T.) | Johns Hopkins University Engineering for Professionals
- 695.612 - Operating Systems Security | Johns Hopkins University Engineering for Professionals
- 695.802 - Independent Study in Cybersecurity II | Johns Hopkins University Engineering for Professionals
- 695.801 - Independent Study in Cybersecurity I | Johns Hopkins University Engineering for Professionals
- 695.611 - Embedded Computer Systems--Vulnerabilities, Intrusions, and Protection Mechanisms | Johns Hopkins University Engineering for Professionals
- Information Security Institute < Johns Hopkins University
- 695.622 Web Security (Kovba, J.) | Johns Hopkins University Engineering for Professionals
- 695.744 - Reverse Engineering and Vulnerability Analysis | Johns Hopkins University Engineering for Professionals
- JHU Information Security Institute | MSSI Course Distribution - JHU Information Security Institute
BioInformatics MS or Certificate
- Post-Master’s Certificate in Sequence Analysis and Genomics Requirements | Advanced Academic Programs | Johns Hopkins University
- Post Masters Certificate Admissions Requirements | Advanced Academic Programs | Johns Hopkins University
- Bioinformatics MS Admissions Requirements | Advanced Academic Programs | Johns Hopkins University
- MS Course Descriptions | Advanced Academic Programs | Johns Hopkins University
- Certificates | Johns Hopkins Engineering Online
Comp Sci Masters
Possible
- 695.701 - Cryptology | Johns Hopkins University Engineering for Professionals
- 605.645 Artificial Intelligence (Butcher, S.) | Johns Hopkins University Engineering for Professionals
- 605.602 - Secure Software Analysis and Design | Johns Hopkins University Engineering for Professionals
- 605.612 - Operating Systems | Johns Hopkins University Engineering for Professionals
- 695.742 Digital Forensics Technologies and Techniques (Ahmed, F.) | Johns Hopkins University Engineering for Professionals
- 605.728 Quantum Computation (Zaret, D.) | Johns Hopkins University Engineering for Professionals
- 685.648 Data Science (Butcher, S.) | Johns Hopkins University Engineering for Professionals
- 605.615 Compiler Design (Ferguson, D., Shell, A.) | Johns Hopkins University Engineering for Professionals
- 605.601 - Foundations of Software Engineering | Johns Hopkins University Engineering for Professionals
- 605.621 - Foundations of Algorithms | Johns Hopkins University Engineering for Professionals
- 605.611 - Foundations of Computer Architecture | Johns Hopkins University Engineering for Professionals
- 605.707 Software Patterns (Lindberg, J.) | Johns Hopkins University Engineering for Professionals
- 605.649 Introduction to Machine Learning (Sheppard, J.) | Johns Hopkins University Engineering for Professionals
- 605.614 - System Development in the UNIX Environment | Johns Hopkins University Engineering for Professionals
- 695.622 Web Security (McGuire, T.) | Johns Hopkins University Engineering for Professionals
Should do
- 605.612 Operating Systems (Noble, J.) | Johns Hopkins University Engineering for Professionals
- 605.715 - Software Development for Real-Time Embedded Systems | Johns Hopkins University Engineering for Professionals
- 605.616 - Multiprocessor Architecture and Programming | Johns Hopkins University Engineering for Professionals
- 605.801 - Independent Study in Computer Science I | Johns Hopkins University Engineering for Professionals
- 605.802 - Independent Study in Computer Science II | Johns Hopkins University Engineering for Professionals
- 605.631 - Statistical Methods for Computer Science | Johns Hopkins University Engineering for Professionals
- 695.744 - Reverse Engineering and Vulnerability Analysis | Johns Hopkins University Engineering for Professionals
- 695.612 Operating Systems Security (McGuire, T.) | Johns Hopkins University Engineering for Professionals
- 695.611 Embedded Computer Systems--Vulnerabilities, Intrusions, and Protection Mechanisms (Kalb, G.) | Johns Hopkins University Engineering for Professionals
- 605.667 - Computer Graphics | Johns Hopkins University Engineering for Professionals
- 605.704 - Object-Oriented Analysis and Design | Johns Hopkins University Engineering for Professionals
- White_Hat_Syllabus_Spring_2016_v2.pdf
Self Study
- 605.716 - Modeling and Simulation of Complex Systems | Johns Hopkins University Engineering for Professionals
- LANIER A
- JHU Information Security Institute | Dr. Lanier A. Watkins - JHU Information Security Institute
- Computer Science | Johns Hopkins University Engineering for Professionals
PhD and School Info
- Apply | Johns Hopkins University Engineering for Professionals
- Department of Computer Science | PhD Program - Department of Computer Science
- Computer Science < Johns Hopkins University
- courseareas.pdf
- WSE Graduate Credit Hours | Graduate & Postdoctoral Affairs | Johns Hopkins University
- Department of Computer Science | Ask CS: for Graduate Students - Department of Computer Science
- PhDmanual.pdf
- JHU Information Security Institute | Ph.D. Program - JHU Information Security Institute
- JHU Information Security Institute | Dr. Lanier A. Watkins - JHU Information Security Institute
- Johns Hopkins Institutions - myJohnsHopkins - life.22.1
UMD
School and Degree Info
- Computer Science | The University of Maryland Graduate School
- Research | Maryland Cybersecurity Center
- Graduate Education | UMD Department of Computer Science
- Network Security | Maryland Cybersecurity Center
- Programming-Language and Software Security | Maryland Cybersecurity Center
- Empirical Security | Maryland Cybersecurity Center
- 3 Applying to Graduate School
- Information for Prospective Students | UMD Department of Computer Science
- Courses - Graduate Policy Manual
- Ph.D. Candidacy Tuition and Fees | Student Financial Services and Cashiering
- Doctoral Degrees Policies < University of Maryland
- Admissions Policies < University of Maryland
- Graduate Certificate | Maryland Cybersecurity Center
- Cybersecurity | Office of Advanced Engineering Education
- Graduate Policy Manual: Information for Enrolled Students | UMD Department of Computer Science
- Information for Prospective Students | UMD Department of Computer Science
Professors and Research
- Directory | Maryland Cybersecurity Center
- Qu, Gang | Maryland Cybersecurity Center
- Yasser Shoukry (Sakr)| Assistant Professor
- Srivastava, Ankur | Maryland Cybersecurity Center
- Srivastava, Ankur | Institute for Systems Research
- Welcome
- Barua, Rajeev | Maryland Cybersecurity Center
- Hicks, Michael | Maryland Cybersecurity Center
- Michael Hicks
- Idea Lab – ankurs@umd.edu | 301-405-0434
- Dave Levin - University of Maryland
- Mazurek, Hicks Receive NSF Grant to Study Factors Leading to Insecure Software | Maryland Cybersecurity Center
Comp Sci PhD
Possible Courses To Take
Extra Courses
- MATH/CMSC 456 --- Cryptology
- CMSC 452: Elementary Theory of Computation
- UMD CMSC 656: Introduction to Cryptography - Google Search
- AMSC/CMSC 660: Scientific Computing I | Maria Kourkina Cameron
- CMSC 818O: Computer and Network Security
- MS/PhD Status of Special Topics Courses | UMD Department of Computer Science
- CMSC 663-664 Advanced scientific computing I and II
- CMSC74: Advanced Computer Graphics, Fall 2017
- ENEE651/CMSC751: Parallel Algorithms
- ENPM693 Network Security
- Graduate Classes | Maryland Cybersecurity Center
- ENEE459B Reverse Engineering and Hardware Security Laboratory | Electrical and Computer Engineering
- ENPM808: Advanced Topics in Engineering | Office of Advanced Engineering Education
- ENEE - Electrical & Computer Engineering < University of Maryland
- Auditing a class? Advice/Help : UMD
- PRE REQ DBS | CMSC424: Database Design
- DBS | CMSC 624 Database System Architecture and Implementation
- AUDIT CS | UMD CMSC 712 Distributed Algorithms and Verification
- AUDIT CS | UMD CMSC 714 - High Performance Computing Systems (Fall 2019)
- A&C | ENEE651: Parallel Algorithms | Department of Electrical and Computer Engineering
- SE | CMSC 734: Information Visualization - Google Search
- SE | CMSC731: Programming Language Implementation - Google Search
- Pre-Req AUDIT BIO | CMSC402 Bioinformatic Algorithms and Methods for Functional Genomics and Proteomics
- Pre-Req AUDIT BIO | CMSC423: Bioinformatic Algorithms, Databases, and Tools
- AUDIT BIO | CMSC701: Computational Genomics
- AUDIT BIO | CMSC702 - Computational Systems Biology and Functional Genomics - Spring 2016
Planned Courses
- CMSC634: Empirical Research Methods for Computer Science - Google Search
- CMSC631: Program Analysis and Understanding - Google Search
- CMSC734: Information Visualization - Google Search
- CMSC751: Parallel Algorithms - Google Search
- CMSC712: Distributed Algorithms and Verification - Google Search
- CMSC714: High Performance Computing - Google Search
- Courses - Computer Science < University of Maryland
- Computer Science, Doctor of Philosophy (Ph.D.) < University of Maryland
- Software | Office of Advanced Engineering Education
Masters Stuff
Masters in Computer Engineering
- Research Institutes and Centers | Department of Electrical and Computer Engineering
- Institute for Systems Research |
- University of Maryland Institute for Advanced Computer Studies | UMIACS
- Maryland Cybersecurity Center |
- Embedded Systems Research Laboratory (ESRL) | Department of Electrical and Computer Engineering
- Mike Hicks | UMIACS
- Gang Qu Promoted to Full Professor | Department of Electrical and Computer Engineering
- Gang Qu - How Hardware Impacts Security and Trust in IoT — Department of Computer Science and Engineering
- Hardware Security | Coursera
- Master of Science | Department of Electrical and Computer Engineering
- Cybersecurity and Cyberprivacy | Department of Electrical and Computer Engineering
- Message from the Department Chair
- Thesis & Dissertation Filing | The University of Maryland Graduate School
- Graduate Catalog < University of Maryland
- Prospective Students | Department of Electrical and Computer Engineering
- Cybersecurity Engineering, Master of Engineering (M.Eng.) < University of Maryland
- Electrical and Computer Engineering (ENEE) < University of Maryland
- Cybersecurity Engineering (online) (Z092) < University of Maryland
- Cybersecurity Engineering, Post-Baccalaureate Certificate (P.B.C.) < University of Maryland
- Software Engineering, Master of Engineering (M.Eng.) < University of Maryland
- Software Engineering, Post-Baccalaureate Certificate (P.B.C.) < University of Maryland
- Software Engineering | Office of Advanced Engineering Education
- UNIVERSITY OF MARYLAND-COLLEGE PARK - GI Bill® Comparison Tool
- UMD Department of Computer Science |
- 2014-mc2-research-brochure.pdf
- Veteran Benefits | Office of the Registrar
- UMD-CSEC
- Terrapin Hackers
- gradstudy survival guide
- Application Process | Office of Advanced Engineering Education
- Writing a Statement of Purpose | UMD Department of Computer Science
NYU Poly
- Curriculum | Cybersecurity Online | NYU Tandon School of Engineering
- Contact Us | NYU Tandon Online | NYU Tandon School of Engineering
- Cybersecurity, MS | NYU Tandon School of Engineering
- Publications Archives - Center for Cybersecurity
- Computer Science, Ph.D. | NYU Tandon School of Engineering
- #osirislab - freenode Web IRC
- Home
- Cybersecurity Master's Degree | Online | NYU Tandon School of Engineering
CMU
- CSD-PhD-Handbook-2017-18.pdf
- Prospective Students - Graduate Education - Carnegie Mellon University
- Frequently Asked Questions (FAQ) - Graduate Education - Carnegie Mellon University
- Doctoral Programs | Carnegie Mellon University - Computer Science Department
- MSE - Software Engineering Masters Programs - Institute for Software Research - Carnegie Mellon University
- Prerequisite Knowledge - Software Engineering Masters Programs - Institute for Software Research - Carnegie Mellon University
- CMD Certificates: Credential Program | Software Engineering Institute
- MSE Online - Master of Software Engineering Programs - Institute for Software Research - Carnegie Mellon University
UIUC
- Master of Computer Science (MCS) | UIUC | Coursera
- Online Master of Computer Science | Illinois Computer Science
- Professional Master of Computer Science | Illinois Computer Science
- NetMath Courses for College Students | NetMath at Illinois
Columbia
- Computer Science Master's Degree | Columbia Video Network | Columbia University Engineering
DSU
- Doctor of Philosophy in Cyber Operations - Dakota State University
- Program: Computer Science, M.S. - Dakota State University - Acalog ACMS™
- Program: Computer Science, B.S. - Dakota State University - Acalog ACMS™
- 4+1 program - Dakota State University
- Program: Cyber Operations, B.S. - Dakota State University - Acalog ACMS™
Stanford
- Computer Science MS Degree | Stanford Online
- Introductory Programming Graduate Certificate | Stanford Online
- Foundations in Computer Science Graduate Certificate | Stanford Online
- Software Systems Graduate Certificate | Stanford Online
UT Austin
- Online Master's Program | Department of Computer Science
- The Hub
Northeastern University
- Computer Science, MSCS—ALIGN Program < Northeastern University
- How Align Works – Align MS in Computer Science Program
Penn State
- Penn State World Campus | Courses - Master of Software Engineering
UMass Amherst
- Online MSCS
UPenn
- MCIT Online Course List
- Online MCIT - Master of Computer and Information Technology
MBA
CMU
- CMU Top Online Hybrid MBA Program - Tepper School of Business - Carnegie Mellon University
- Chart Your Path to a Tepper Part-Time MBA - Tepper School of Business - Carnegie Mellon University
SANS
Grad Certs for GSE
- GCDA Elective - Cyber Security Engineering Core
- GREM - Incident Response Grad Cert
- GPEN & GWAPT - Graduate Certificate Program in Penetration Testing & Ethical Hacking
- Cybersecurity Management Grad Cert | SANS Technology Institute
- Cyber Defense Operations Grad Cert | SANS Technology Institute
- Penetration Testing & Ethical Hacking Grad Cert | SANS Technology Institute
- Masters Degree in Information Security - SANS Technology Institute
- STI Course Transfer/Waiver Information
- Graduate Certificates | Cyber Security | Information Security | SANS
- Single Course - Non-Degree Seeking Student
EE/CE/Embedded Programs
MS Programs to Consider
UMD Masters in Computer Engineering
Courses to take
Pre-Req and Other Intro Courses
- ENEE244: Digital Logic Design | Department of Electrical and Computer Engineering
- ENEE 245 - Digital Circuits & Systems Lab by B. Jacob
- enee245: | Digital Circuits & Systems Lab
- ENEE244-010x Digital Logic Design, Fall 2015
- CMSC 330, Organization of Programming Languages
- CMSC 250 - Discrete Structures | Helps with Programming Languages
- ENEE 350 Computer Organization
- ENEE307: Electronic Circuits Design Laboratory | Department of Electrical and Computer Engineering
- ENEE322: Signal and System Theory | Department of Electrical and Computer Engineering
- ENEE 324 - Engineering Probability
- MATH246 Differential Equations for Scientists and Engineers
- ENEE205: Electric Circuits | Department of Electrical and Computer Engineering
- ENEE446: Digital Computer Design | Department of Electrical and Computer Engineering
- CMSC412 vs ENEE447 (Operating Systems) : UMD
- CMSC 420 | Data Structures - Fall 2018
- ENEE457: Computer Systems Security | Department of Electrical and Computer Engineering
- CORE ENPM607 - Computer System Design and Architecture
- Electrical & Computer | Office of Advanced Engineering Education
- Course Schedule | Department of Electrical and Computer Engineering
- CMSC430: Design and Implementation of Programming Languages
- ENEE447: Operating Systems by B. Jacob
- ENEE445: Computer Laboratory
- ENEE641: Mathematical Foundations for Computer Engineering
- CORE ENEE645: Compilers and Optimization
- CORE ENPM609: Microprocessor-Based Design
- ENEE657: Computer Security | Department of Electrical and Computer Engineering
- CORE ENPM674: Design and Synthesis of Digital Systems
- CORE ENPM 615 : Embedded Systems
- ENPM696: Reverse Engineering
- Research Institutes and Centers | Department of Electrical and Computer Engineering
- Institute for Systems Research |
- University of Maryland Institute for Advanced Computer Studies | UMIACS
- Maryland Cybersecurity Center |
- Embedded Systems Research Laboratory (ESRL) | Department of Electrical and Computer Engineering
- Mike Hicks | UMIACS
- Gang Qu Promoted to Full Professor | Department of Electrical and Computer Engineering
- Gang Qu - How Hardware Impacts Security and Trust in IoT — Department of Computer Science and Engineering
- Hardware Security | Coursera
- Master of Science | Department of Electrical and Computer Engineering
- Cybersecurity and Cyberprivacy | Department of Electrical and Computer Engineering
- Message from the Department Chair
- Thesis & Dissertation Filing | The University of Maryland Graduate School
- Graduate Catalog < University of Maryland
- Prospective Students | Department of Electrical and Computer Engineering
- ECE Graduate Handbook - M.S. Non-Thesis Option
- Electrical-Computer Core Courses.pdf
- Electrical and Computer Engineering, Master of Engineering (M.Eng.) < University of Maryland
- ENEE - Electrical & Computer Engineering < University of Maryland
UC San Diego Professional Cert in Embedded Systems
- UC San Diego Extension | Continuing Education | UC San Diego Extension
- Embedded Linux | UC San Diego Extension
- Embedded Systems Hardware Interfacing | UC San Diego Extension
- FPGA Design Fundamentals | UC San Diego Extension
UMass Grad Cert in Embedded Systems
- Online Graduate Certificate in Embedded Systems : University Without Walls : UMass Amherst
- Graduate Students | Electrical and Computer Engineering | UMass Amherst
- Embedded Systems Graduate Certificate | Electrical and Computer Engineering | UMass Amherst
University of Michigan
- MSE in Computer Engineering
Purdue
- Online Program focuses on cyber-vulnerability and risk | Purdue Online Learning | College of Engineering
- Master’s Degree in Electrical and Computer Engineering | edX
- MS in ECE Online : Academics - Electrical and Computer Engineering - Purdue University
- Plan of Study - Electrical and Computer Engineering - Purdue University
- Master’s Degree in Electrical and Computer Engineering
- MSE in Computer Engineering
- Graduate Courses | ECE | Virginia Tech
Other Courses
- UT Austin - Embedded Systems - Shape The World: Microcontroller Input/Output | edX
- UT Austin - Embedded Systems - Shape The World: Multi-Threaded Interfacing | edX
- UT-Austin | Embedded Systems E-Book
- Embedded Systems Book | UTAustin
Fellowship Stuff
- About
- Welcome to the NPSC Fellowship Applicant Portal | NATIONAL PHYSICAL SCIENCE CONSORTIUM
- University Contact | NATIONAL PHYSICAL SCIENCE CONSORTIUM
- National Physical Science Consortium
- NSA | Students | Intelligence Careers
- Flagship Fellowship | The University of Maryland Graduate School
- The Facebook Fellowship Program – Facebook Research
- Graduate Fellowships | Research
- CyberCorps®: Scholarship for Service
- NSA Funded? - NPSC - National Physical Science Consortium
- Graduate Research Fellowship Program (GRFP) (nsf18573)| NSF – National Science Foundation
- Home - NSF Graduate Research Fellowships Program (GRFP)
- Student Programs Search for Intelligence Careers
- External Fellowships | The University of Maryland Graduate School
- Experienced Resource List - NSF Graduate Research Fellowships Program (GRFP)
- Fellowship Information | NATIONAL PHYSICAL SCIENCE CONSORTIUM
PhD Research
Research Paper Stuff
- Search – Science Huβ Publishing
- RESEARCH PAPER STUFF
- bao2017csf.pdf
- Tiffany Bao
- Block Oriented Programming: Automating Data-Only Attacks
- andriesse-sec-2016.pdf
- Applying to PhD Programs for CS
- Computer Science PhD --help
- Philip Guo - A Five-Minute Guide to Ph.D. Program Applications
Useful Educational Tools
LaTeX
- Overleaf, Online LaTeX Editor
- Documentation - Overleaf, Online LaTeX Editor
- EasyBib: Free Bibliography Generator - MLA, APA, Chicago citation styles
- Symbolab Math Solver - Step by Step calculator
- A thread about using fonts/typography in presentations
- Microsoft Office Home
- GitHub Student Developer Pack - GitHub Education
- Learn LaTeX in 30 minutes - ShareLaTeX, Online LaTeX Editor
- μPad | Take and organise notes for free
- Monday Master Class: The Study Hacks Guide to Note-Taking - Study Hacks - Cal Newport
- Entire spectrum of research skills | Simon Peyton Jones at Microsoft Research
- How to write a scientific paper
- Writing Technical Articles | Systems and Networking Articles
- Reading a paper to do a review | Writing Reviews for systems conferences
- MLA Citation Format - Works Cited Generator by Citation Machine
- How to read and understand a scientific paper: a guide for non-scientists | Impact of Social Sciences
- XMind 8 Pro - XMind - Mind Mapping Software
- HowtoReadPaper.pdf
- HowToReadAPaper.pdf
- HowToReadAResearchPaper
- Symbolab Math Solver - Step by Step calculator
- Nearpod: You'll wonder how you taught without it
- Confluence | Your Remote-Friendly Team Workspace | Atlassian
Student Benefits
Free/Discounted School Book and Software Searches
- MBS Direct | Course material fulfillment for the future of education
- Download Microsoft Office 2016 at no cost - Student & Faculty Academic Discount | OnTheHub
- Microsoft Imagine
- Welcome | Georgia Institute of Technology - College of Computing - Microsoft Imagine Premium | Academic Software Discounts
- Malwarebytes Cybersecurity for Students | Malwarebytes
- GitHub Student Developer Pack - GitHub Education
- UNiDAYS - Fast, free, exclusive deals for students
- ScienceDirect.com | Science, health and medical journals, full text articles and books.
GRE
- GRE Practice Tests: Complete Collection • PrepScholar GRE
- GRE Math Review
- Manhattan Prep GRE Set of 8 Strategy Guides (Manhattan Prep GRE Strategy Guides): Manhattan Prep: 0884199744170: Amazon.com: Books
- 5 lb. Book of GRE Practice Problems (Manhattan Prep 5 lb Series): Manhattan Prep: 9781941234518: Amazon.com: Books
- Official GRE Super Power Pack, Second Edition: Educational Testing Service: 9781260026399: Amazon.com: Books
- Best GRE Prep Books 2017-2018: Expert Reviews • PrepScholar GRE
- GRE Vocab Practice Quiz Game
- Select your Book Level to Practice - Sadlier-Oxford Vocabulary Workshop Series
- Magoosh | GRE Plans
Certifications
ISC2 (CISSP)
- https://www.isc2.org/Sign-In
- Your Account
CompTIA
- (IT) Information Technology Continuing Education & eLearning | Training and Higher Education
- Certification Vouchers - CompTIA Marketplace Academic
Cisco
- Cisco Certs
SANS
- Better GIAC Testing with Pancakes – tisiphone.net
- The GIAC Security Certification Roadmap
- SANS Institute
- GIAC Information Security Expert | GSE Certification
- GIAC Certified Forensic Analyst | GCFA Certification
- GIAC GXPN Certification | Exploit Researcher | Advanced PenTesting
- SANS Index How To Guide with Pictures | Digital Forensics Tips
- SEC760_Course-Flyer.indd
- Advanced Exploit Development for Penetration Testers
- Reverse Engineering Malware Training | Malware Tools & Techniques
- Course-Flyer_FOR610.indd
- Navy COOL - Cyber IT/CSWF
- Navy COOL - Cyber IT/CSWF: DoD 8140.01
- Search in My Quizizz
- CBT Nuggets - Awesome For Certs
- Professor Messer IT Certification Training Courses
- CPEs | Brakeing Down Security Podcast
- CSRankings: Computer Science Rankings
- 3 qualities of successful Ph.D. students: Perseverance, tenacity and cogency
- Computer Science Open Data
- Class Central • Find the best courses, wherever they exist.
Books and Research Papers
All Around Best Searchable Sites for Free Books
- Library Genesis
- Z-Library. The world's largest ebook library.
- Free books | Anna’s Archive
- Sci-Hub: removing barriers in the way of science
Alternate Sites for Free Books
- Google Custom Search
- All IT eBooks - Free IT eBooks Download
- Electronic library. Download books free. Finding books
- Ebook-dl | Free Download Ebooks
- IT eBooks Download Free | eBooks-IT.org
- Mendeley - Reference Management Software
- Kindle Cloud Reader
- Internet Archive: Digital Library of Free Books, Movies, Music & Wayback Machine
- Leanpub | Bookstore
- Humble Bundle
- Research Papers
- Buy New & Used Books Online with Free Shipping | Better World Books
- Browse All Topics | The National Academies Press
- Welcome to Open Library | Open Library
General Cyber Courses/Training/Resources
Amazing Resources For Learning
- edX | Free online courses from the world's best universities
- LiveOverflow - LiveOverflow
- LiveOverflow - Awesome to learn Computer Security
- Udacity - Free Online Classes & Nanodegrees | Udacity
- Khan Academy | Free Online Courses, Lessons & Practice
- Welcome to SecurityTube.net
- LinkedIn Learning: Online Courses for Creative, Technology, Business Skills
- PagedOut_002_beta2.pdf
- VeteranSec – A Veteran Cyber Security Community
- /r/netsec
- /r/Reverse Engineering
- Develop Technical Recall Skills: Spaced Repetition with Anki - SANS Institute
- TryHackMe | 25 Days of Cyber
- TryHackMe | Advent of Cyber 3 (2021)
- 3Blue1Brown - Teaches Hard Concepts Well!
- Computing Fundamentals
- TCM Security, Inc.
- Streaming Tutorials | Cyber Aces | Free online cybersecurity courses
- Free NSA Security Courses | CLARK
FSU Course
- Offensive Security 2013 - FSU - Lecture5: Reverse Engineering (x86) Workshop Day 1 - YouTube
- Offensive Computer Security Home Page Spring 2014
- Training for manipulating all kinds of things: Learning Exploitation with Offensive Computer Security 2.0
RPI Classes
- Modern Binary Exploitation - Spring 2015
- GitHub - RPISEC/MBE: Course materials for Modern Binary Exploitation by RPISEC
- GitHub - RPISEC/Malware: Course materials for Malware Analysis by RPISEC
- security.cs.rpi.edu/courses/malware-spring2013/
MIT OpenCourseWare
- Computer Systems Security | Electrical Engineering and Computer Science | MIT OpenCourseWare
- Network and Computer Security | Electrical Engineering and Computer Science | MIT OpenCourseWare
- Electrical Engineering and Computer Science | MIT OpenCourseWare | Free Online Course Materials
Intro to Cyber Security Reading Material
- Live Overflow - Where to start with hacking
- The Importance of Deep Work & The 30-Hour Method for Learning a New Skill | Azeria Labs
- Interview Warmup - Grow with Google
- /r/netsecstudents
- /r/netsec
- How to Build a Successful Career in Cybersecurity - Daniel Miessler
- Good List of Practice Areas in CyberSecurity
- So, you want to work in security? – freeCodeCamp
- Getting Into Security Engineering
- Stuxnet
- The Jargon File
- How To Become A Hacker
- The Hacker Manifesto
- OWASP CheatSheetSeries
- Lynda.com (Requires Library Card) - Lots of Free Training On Various Subjects
- GitHub - stong/infosec-resources: A list of helpful cybersecurity / infosec resources
- Paged Out!
- Infosec Courses Master List
- NYU Tandon Vulnerability Research and Pen Test Course
- CBT Nuggets - Awesome For Certs
- Open Security Training - Lots of Beginner Stuff
- Null Byte — Random Hacking Tutorials
- 600 free online courses you can take from universities worldwide
- Cyberforce (PCTC) - Requires CAC
- Hackaday | Fresh hacks every day
- Immersive Labs
- VeteranSec – A Veteran Cyber Security Community
- tmp.0ut
- SEED Project
- Decisions & Disruptions Board Game
Computer Science/Programming/Software Engineering Stuff
Specific Programming Language Stuff (C/C++/Python/Java/etc)
Rust
- Introduction - The Rust Programming Language
- The Rust Programming Language
C Stuff
GT Recommended
- CS50 - Reference
- CS50's Introduction to Computer Science | edX
- Practical Programming in C | MIT OpenCourseWare
- Learn C in Y Minutes
- Home | Lynda | Georgia Institute of Technology | Atlanta, GA
- How Do I Declare A Function Pointer in C?
- C Tutorial - Learn C - Cprogramming.com
- Function Pointers in C and C++ - Cprogramming.com
- C documentation — DevDocs
- Intro to OS - C Programming Q&A - YouTube
- C Programming - Q&A.pptm - Google Slides
- Amazon.com: C Programming Language, 2nd Edition (8601410794231): Brian W. Kernighan, Dennis M. Ritchie: Books
- The Linux Programming Interface [Book]
- CS50
Books and References
Translation Phases
- Phases of translation - cppreference.com
- Steps of compiling a C program - Becky Chen - Medium
- The Four Stages of Compiling a C Program
- GCC Preprocessor Options
Style Things
- Style Guide for C — CS50 Docs
- CMU C Coding Standard
Modern C
- Modern C
- Jens Gustedt's Blog | Modern C
- Modern C programming book: Computer Science from the Bottom Up
Coding Standards
- Intro to Coding Standards — Coding Rules and Guidelines | Perforce
- C Coding Standard
- Doxygen: Main Page
- SEI CERT C Coding Standard - SEI CERT C Coding Standard - Confluence
Other Useful Things
- c preprocessor - #define macro for debug printing in C? - Stack Overflow
- No Starch Dive into Systems | A gentle introduction to C, Assembly, Computer Systems, Computer Organization, and Parallel computing
- C Programming Language, 2nd Edition
- C Programming: A Modern Approach, 2nd Edition
- CMU Recommended - C Traps and Pitfalls
- Also CMU Recommended - Computer Systems: A Programmer's Perspective
- CMU Recommended: C Traps and Pitfalls Book
- CMU Recommended (first few chapters) - The Practice of Programming - Google Search
- Mastering Algorithms with C > Mastering Algorithms with C : Safari Books Online
- C Book Answers
- The Definitive C Book Guide and List – seclab
- C reference - cppreference.com
- C/C++ for Hackers « Null Byte :: WonderHowTo
- Learn C the Hard Way: Practical Exercises on the Computational Subjects You Keep Avoiding (Like C)
- Beej's Guide to C Programming
- Advanced Programming in the UNIX Environment, 3rd Edition
Useful Tutorials and Tools
- C Storage Classes
- 10.2 Pointers and Arrays; Pointer Arithmetic
- C for C++ Programmers
- c - What does getting the address of an array variable mean? - Stack Overflow
- ridiculousfish/cdecl-blocks: The venerable cdecl, with Apple blocks support
- function - C Assign Pointer to NULL - Stack Overflow
- Stanford Essential C (45 pages)
- Is sizeof for a struct equal to the sum of sizeof of each member? - GeeksforGeeks
- alignment and padding
- How do I calculate the value of sizeof(struct) in C? - Quora
- Reversing a string in C - Stack Overflow
- h0mbre/Learning-C: A series of mini-projects used to learn C for beginners
- jart/cosmopolitan: fast portable static native textmode containers
Data Structures
- C Programming: Advanced Data Types
Embedded Programming
- Become an embedded programmer in 5 months : learnprogramming
Pointer Stuff
- The 5-Minute Guide to C Pointers
- pointers - How come an array's address is equal to its value in C? - Stack Overflow
- PointersAndMemory.pdf
- Pointer Arithmetic
- C Right-Left Rule (Rick Ord's CSE 30 - UC San Diego)
- Linus on understanding pointers - Gregory Trubetskoy
Courses
- Berkeley C Course
- http://www-inst.eecs.berkeley.edu/~selfpace/c/
- How to C (as of 2016)
- cbourke/ComputerScienceI: Computer Science
- Berkeley C Programming
- Learn C the Hard Way
Useful C Programming Stuff
- SEI CERT C Coding Standard
- cdecl: C gibberish ↔ English
- C Linked List Data Structure Explained with an Example C Program
- How to use Time and Date in C | CodingUnit Programming Tutorials
- C library function - rand()
- A Little C Primer/C String Function Library - Wikibooks, open books for an open world
- C Refresher - YouTube
- Pointers as function returns in C/C++ - YouTube
- Cheatsheet-c
- Repl.it - The world's leading online coding platform
- GitHub - fffaraz/awesome-cpp: A curated list of awesome C/C++ frameworks, libraries, resources, and shiny things. Inspired by awesome-... stuff.
- How Do I Declare A Function Pointer in C?
- cdecl: C gibberish ↔ English
- How to C (as of 2016)
- C Book Answers
- GitHub - rby90/project-based-tutorials-in-c: A curated list of project-based tutorials in C
- Mastering Algorithms with C > Mastering Algorithms with C : Safari Books Online
- Learn C The Hard Way
- GitHub - zedshaw/learn-c-the-hard-way-lectures: All of the code from Learn C The Hard Way, each project, plus the presentation slides used in the videos.
- C/C++ for Hackers « Null Byte :: WonderHowTo
- C reference - cppreference.com
- The Definitive C Book Guide and List – seclab
- Learn C the Hard Way
- Style Guide for C — CS50 Docs
- c - How do I use extern to share variables between source files? - Stack Overflow
- Stanford C Style Guide
- Why does calloc exist? — njs blog
- NEU - Introduction to C Programming
- C Programming history
- C with Classes Project
- John Regehr's Integers in C
- Norm Matloff's Unix/C Tutorial Center
C++ Stuff
Good Learning Material
Books
Beginner Books
- The Definitive C++ Book Guide and List - Stack Overflow
- Recommended Book if No Prior Experience in Programming
- Recommended Intro Book for Prior Programmers: A Tour of C++
Intermediate Books
- Recommended Intermediate Book: Effective Modern C++: 42 Specific Ways to Improve Your Use of C++11 and C++14
- proper resource management and exception safety in C++ through Resource Acquisition is Initialization (RAII) in addition to in-depth coverage of a variety of other topics including the pimpl idiom, name lookup, good class design, and the C++ memory model
- generic programming, optimization, and resource management; this book also has an excellent exposition of how to write modular code
- 101 best practices, idioms, and common pitfalls that can help you to write correct, understandable, and efficient C++ code
- Amazon.com: Accelerated C++: Practical Programming by Example
- The Definitive C++ Book Guide and List - Stack Overflow
- Jumping into C++
- Jumping into C++, by Alex Allain - Cprogramming.com
Courses
- Berkeley C++ Course
- Teach Yourself C++ in 21 Days
- Learn C++ | Codecademy
- C++ Tutorial for Complete Beginners | Udemy
Translation Phases
- Phases of translation - cppreference.com
- The C++ Compilation Process
- Stroustrup: FAQ
- Introduction to Standard Template Library in C++ | Studytonight
- Good Video Intro to C++ Programming
- Learn C++ - Free Interactive C++ Tutorial
- Learn C++
- C++ Programming Language - GeeksforGeeks
- Storage Classes in C++
- C++ Tutorial Front Page - 2018
- C++ FAQ
- Newbie Questions & Answers, C++ FAQ
- Big Picture Issues, C++ FAQ
- C++ Programming/Code/Statements/Functions - Wikibooks, open books for an open world
- Stanford CS106X Programming Abstractions in C++
- Stanford CS106B Programming Abstractions
Best Practices
Pass By Reference vs Pass By Value
- Pass By Reference
- c++ - Isn't "const" redundant when passing by value? - Stack Overflow
- Const Correctness, C++ FAQ
- C++ Programming/Code/Statements/Functions - Wikibooks, open books for an open world
- The rule of three/five/zero - cppreference.com
- C++ reference - cppreference.com
- C++ Core Guidelines
- C++ Stuff from r/learnprogramming
- Effective Modern C++ [Book]
- RAII - cppreference.com
- c++ - Why is list initialization (using curly braces) better than the alternatives? - Stack Overflow
- C++ Braced Initialization
- gabime/spdlog: Fast C++ logging library.
- ObjectOrientedProgramminginC4thEdition.pdf
- CPP_v1.1.pdf
- Google C++ Style Guide
- The C++ Standard
- Ampersand (&) operator in a C++ function argument
- pointers - How to pass objects to functions in C++? - Stack Overflow
- Use constexpr for faster, smaller, and safer code | Trail of Bits Blog
- Templates, C++ FAQ
- Coding Standards, C++ FAQ
- Embedded Systems Coding Standard
- Good C++ Coding Standards: 101 Rules, Guidelines, and Best Practices (9780321113580): Herb Sutter, Andrei Alexandrescu: Books
- C++ Core Guidelines
Coding Standards
- Intro to Coding Standards — Coding Rules and Guidelines | Perforce
- Resource Acquisition is Initialisation (RAII) Explained — Tom Dalling
Data Structures
- USC - CSCI 104 – Data Structures and Object Oriented Design
- Data Structures and Algorithms in C++, Second Edition: Safari Books Online - Premium
- Notes on Data Structures and Programming Techniques (CPSC 223, Spring 2018)
- Storage Classes in C++
Memory Management
Smart Pointers
- Pointers - C++ Tutorials
- A beginner's look at smart pointers in modern C++ - Internal Pointers
- this Pointer | Microsoft Docs
- Memory Management, C++ FAQ
- Unique/Shared/Weak Pointers
- Move smart pointers in and out functions in modern C++ - Internal Pointers
- GotW #89 Solution: Smart Pointers – Sutter’s Mill
- c++ - How to properly duplicate an object given its shared_ptr - Stack Overflow
- c++ - clearing a vector of pointers
- Destructors (C++) | Microsoft Docs
- Smart Pointers (Modern C++) | Microsoft Docs
- How to: Create and Use unique_ptr Instances | Microsoft Docs
- Unique Pointers - Windows applications | Microsoft Docs
- std::unique_ptr - cppreference.com
- Memory Management, C++ FAQ
Pointers
- Pointers - C++ Tutorials
- A beginner's look at smart pointers in modern C++ - Internal Pointers
- this Pointer | Microsoft Docs
- Memory Management, C++ FAQ
- Unique/Shared/Weak Pointers
- Move smart pointers in and out functions in modern C++ - Internal Pointers
- GotW #89 Solution: Smart Pointers – Sutter’s Mill
- c++ - How to properly duplicate an object given its shared_ptr - Stack Overflow
Solutions to Problems
- c++ - cannot call member function without object - Stack Overflow
- CMake, Tests and Tooling for C/C++ Projects [2022 Edition] | Udemy
- Quick Start to Modern C++ for Programmers | Udemy
- GitHub - fffaraz/awesome-cpp: A curated list of awesome C/C++ frameworks, libraries, resources, and shiny things. Inspired by awesome-... stuff.
- Solve C++ | HackerRank
- TopCoder Problems
- GitHub - rigtorp/awesome-modern-cpp: A collection of resources on modern C++
- Strong vs Weak References – Elliot Chance – Medium
- What is the "-->" operator in C/C++? - Stack Overflow
Python
Courses
- Course | CS50's Introduction to Programming with Python | edX
- Introduction to Computer Science and Programming in Python - MIT
- Berkeley Python Course
- The Python Tutorial — Python 3.7.0 documentation
- Welcome to Python 101! — Python 101 1.0 documentation
- MIT - Introduction to Computer Science and Programming Using Python
- Learn Python - Free Interactive Python Tutorial
- Introduction to Python – Hyperskill
- Learn Python Tutorials
Books
- iluxonchik/blackhat-python-book: Code from Blackhat Python book
- Automate the Boring Stuff with Python
- blackhat-python3: Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate issues of dependency resolution involving deprecated module
Projects
- OrbitalArt/OrbitalArt.py at master · LAMagicx/OrbitalArt · GitHub
- How to Think like a Computer Scientist: Interactive Edition
Useful Libraries
Numpy/SciPy
- Linear algebra (numpy.linalg) — NumPy v1.16 Manual
- NumPy and SciPy Documentation
- Mathematical functions — NumPy v1.16 Manual
- Random sampling (numpy.random) — NumPy v1.16 Manual
- Broadcasting — NumPy v1.16 Manual
- Array creation — NumPy v1.16 Manual
- Data types — NumPy v1.16 Manual
- The N-dimensional array (ndarray) — NumPy v1.16 Manual
- Sorting, searching, and counting — NumPy v1.16 Manual
- pandas.DataFrame.fillna — pandas 0.24.2 documentation
- GitHub - Textualize/rich: Rich is a Python library for rich text and beautiful formatting in the terminal.
- cython/cython: The most widely used Python to C compiler
- GitHub - tiangolo/sqlmodel: SQL databases in Python, designed for simplicity, compatibility, and robustness.
Videos To Learn From
- How to Learn Python Tutorial - Easy & simple! Learn How to Learn Python! - YouTube
- Python Tutorials - YouTube
- Python's Class Development Toolkit - YouTube
- Raymond Hettinger - Beyond PEP 8 -- Best practices for beautiful intelligible code - PyCon 2015 - YouTube
- Transforming Code into Beautiful, Idiomatic Python - YouTube
- What Does It Take To Be An Expert At Python? - YouTube
- python_expert_notes
- Python Network Programming - TCP/IP Socket Programming - YouTube
- Python for Beginners - YouTube
- Corey Schafer - YouTube
Advanced Python Style/OOP Stuff
- UsingAssertionsEffectively - Python Wiki
- Data model (Dunder Methods, i.e., __repr__)
- PEP 8 -- Style Guide for Python Code | Python.org
- Popular Python recipes « ActiveState Code
- oop - What is the difference between @staticmethod and @classmethod in Python? - Stack Overflow
- Enriching Your Python Classes With Dunder (Magic, Special) Methods – dbader.org
- Interfacing Python and C: Advanced “ctypes” Features – dbader.org
- Serious Python | No Starch Press
- Math Adventures with Python | No Starch Press
- How to Write Perfect Python Command-line Interfaces — Learn by Example
- Writing Python Command-Line Tools With Click – dbader.org
- Python - Multiple constructors
- Python 3 Patterns, Recipes and Idioms
- Good and Bad Practices of Coding in Python - DEV Community 👩💻👨💻
Python Issue Fixes
- python - Permanently add a directory to PYTHONPATH - Stack Overflow
- How do I find the location of Python module sources? - Stack Overflow
- installation - How do I find the location of my Python site-packages directory? - Stack Overflow
Useful Python Tips/Things
- 8.7. sets — Unordered collections of unique elements — Python 2.7.16 documentation
- I made a threading guide for beginners. : learnprogramming
- Python Modules and Packages – An Introduction – Real Python
- Python Tuples and Dicts
- Python GIL: Python behind the scenes #13: the GIL and its effects on Python multithreading
- GitHub - bitstamp-security/astvuln: A simple Python AST scanner
- Python Regex Logic for matching IP Addresses - Stack Overflow
- geolocation - Python: Pass a list of IP addresses to geoip2 for location lookup - Stack Overflow
- Converting an HEX to unsigned INT16 in python - Stack Overflow
- integer - Hex string to signed int in Python 3.2? - Stack Overflow
- C type mimicking for int wrap around and other stuff in Python: Cython for NumPy users — Cython 3.0.0a9 documentation
- AssemblyAI Speech-to-Text API | Automatic Speech Recognition
- python - How do I list all files of a directory? - Stack Overflow
- How to convert JSON data into a Python object? - Stack Overflow
- URL Decoding query strings or form parameters in Python | URLDecoder
- How to get MD5 sum of a string using python? - Stack Overflow
- Image-Captcha solving | pytesseract - Google Search
- 10 Essential Python Tips And Tricks For Programmers - GeeksforGeeks
- Understanding the underscore( _ ) of Python – Hacker Noon
- Python Argparse Cookbook – mkaz.blog
Profiling/Timing
- The Python Profilers — Python 3.7.4 documentation
- timeit — Measure execution time of small code snippets — Python 3.7.4 documentation
Other Interesting Python Stuff
- Python Basics for Hackers, Part 4: How to Find the Exact Location of any IP Address
- Python Coding on Twitter: "Day 85 : Desktop Notification with Python https://t.co/3E5HQkkw4d https://t.co/1b6BzHhCR0" / Twitter
- unsapien: Python script to extract embedded data from binaries generated by SAPIEN Script Packager
- Python: unsigned 32 bit bitwise NOT
- Reason for needing the mask for bitwise NOT: BitwiseOperators - Python Wiki
- Is multithreading in python a myth? - Stack Overflow
Python Network Programming
- UdpCommunication - Python Wiki
- Socket Programming in Python (Guide) – Real Python
- python - Encrypt & Decrypt using PyCrypto AES 256 - Stack Overflow
- How to use SimpleHTTPServer
- CMU - The Pythonic Way [PDF]
- PyPI tutorial
- Cracking Codes with Python
- Python Training by Dan Bader – dbader.org
- Python Tutorial: Home
Java Stuff
Data Structures
- Java HashSet Tutorial with Examples | CalliCoder
- java - Is it better to use a TreeSet or ArrayList when using a custom comparator - Stack Overflow
- How to do the equivalent of pass by reference for primitives in Java - Stack Overflow
- java - Changing array in method changes array outside - Stack Overflow
- The Java™ Tutorials
- Trail: Learning the Java Language (The Java™ Tutorials)
JavaScript
- JavaScript Style Guide
- GitHub - 30-seconds/30-seconds-of-code: Short JavaScript code snippets for all your development needs
- Eloquent JavaScript
Rust
- Welcome to Comprehensive Rust 🦀 - Comprehensive Rust 🦀
- Rust Language Cheat Sheet
- The Rust Programming Language - The Rust Programming Language
- zodiacon/rust-course
GoLang
- Good intro to Go | A Tour of Go
- Documentation - The Go Programming Language
- A Tour of Go | Table of Contents
Nim
- Nim by Example - Main
- The Nim memory model
- Nim Manual
Electron
- Quick Start | Electron
- Application Debugging | Electron
- Instrumenting Electron Apps for Security Testing · Doyensec's Blog
- Cannot read property 'app' of undefined · Issue #138 · sindresorhus/electron-store
- Debug Electron App with VS Code | Pine Wu's Blog
- DevTools | Electron React Boilerplate
- octref/vscode-electron-debug: A guide to Debugging Electron App in VSCode
- Debugging in VSCode | Electron
x86 Assembly
- x86 Opcode Structure and Instruction Overview
- Easy x86-64
- x86 Calling Conventions. “The great thing about calling… | by John Toterhi | Level Up Coding
- x86 calling conventions - Wikipedia
- Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
- c - Can I use Intel syntax of x86 assembly with GCC? - Stack Overflow
- ubuntu - Compile/run assembler in Linux? - Stack Overflow
- x86 - How do you use gcc to generate assembly code in Intel syntax? - Stack Overflow
- Assembly Primer For Hackers (Part 1) System Organization - YouTube
- UMBC CMSC313 | Computer Organization & Assembly Language Programming |Spring 2013
- x86 Reference Materials — GT | CS-3210
- QEMU - x86 Emulator
- Debugging | bochs: The Open Source IA-32 Emulation Project (Home Page)
- Brennan's Guide to Inline Assembly
- CSE 451 | Lab 1: Booting a PC
- x86 Assembly Crash Course - YouTube
- x86 Disassembly/Functions and Stack Frames - Wikibooks, open books for an open world
- Getting Started with Assembly - Creating a Development Environment with NASM & Microsoft C Compiler - YouTube
Unix Stuff (Shell Stuff)
Courses
- Berkeley UNIX Course
- Learn Shell Programming - Free Interactive Shell Programming Tutorial
- The Bash Guide
- BashGuide - Greg's Wiki
- The Linux Documentation Project: Guides
- #!/bin/bash
- Linux Command Line Tutorial
- LinuxCommand.org: Learning the shell.
- Bash Guide for Beginners
- The Bash Academy
- A curated list of Shell Stuff
- OverTheWire: Bandit - Wargame For Learning UNIX Shell Stuff
- OverTheWire: Leviathan - Unix Wargame
- Bash tips & tricks: good and not-so-good bash practices | Pragmatic Coders
- Bash scripting cheatsheet
- Understanding Awk – Practical Guide – Developers Area
- command line - How to iterate over arguments in a Bash script - Stack Overflow
- how to access the next argument of command line parameters in bash? - Unix & Linux Stack Exchange
- Multiple conditions in if statement shell script - Stack Overflow
SQL Stuff
- PostgreSQL execution plan visualizer
- Learn SQL | Codecademy
- More SQL Practice | SQLBolt - Learn SQL - Introduction to SQL
- SQL Practice | The SQL Murder Mystery
- SQL Questions
- SQL for Data Analysis | Udacity Free Courses
- Mode SQL Tutorial | - Mode
- SQL Tutorial - Full Database Course for Beginners - YouTube
- GitHub - tiangolo/sqlmodel: SQL databases in Python, designed for simplicity, compatibility, and robustness.
Full Stack Development
Front End Development
- grab/front-end-guide: 📚 Study guide and introduction to the modern front end stack.
- CSS Tutorial
Frameworks
- React – A JavaScript library for building user interfaces
- AngularJS — Superheroic JavaScript MVW Framework
- A collection of full-stack resources for programmers.
- YouTube - Web Dev Stuff
- freeCodeCamp - Full Stack Tutorial
- Courses | The Odin Project
- Full Stack Book: crash-course-django
- Super Crash Course in Full Stack Web Development with Python and Django
- The Odin Project | Free Course on Web Development
LUA
- Programming in Lua (first edition)
LLVM
- LLVM Language Reference Manual — LLVM 10 documentation
- LLVM Optimizer | Compiler Explorer
- LLVM Project Blog: Clang is now used to build Chrome for Windows
- Build your first LLVM Obfuscator. Welcome to a tutorial on building your… | by polarply | Medium
- ELI5: What is LLVM? Can it be used for general purpose programming? : learnprogramming
- The LLVM Compiler Infrastructure Project
- GitHub - trailofbits/mcsema: Framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode
- Stateful Runtime Model Checking for Multithreaded Programs
- libFuzzer – a library for coverage-guided fuzz testing. — LLVM 10 documentation
- Coverage-guided binary fuzzing with rev.ng and llvm libfuzzer
- mcsema - lifting-bits: Framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode
- lifting-bits/remill: Library for lifting of x86, amd64, and aarch64 machine code to LLVM bitcode
- Lifting Windows Driver Binaries into LLVM IR - Systems Software and Security Lab
- Translate x86_64 and ARM binaries to LLVM IR. : ReverseEngineering
- microsoft/llvm-mctoll: llvm-mctoll
- Decompiling Binaries into LLVM IR Using McSema and Dyninst
- toor-de-force/Ghidra-to-LLVM: An binary-to-LLVM IR lifter that leverages Ghidra's IR and analysis
- LLVM internals, part 3: from bitcode to IR
- llvm-mingw: An LLVM/Clang/LLD based mingw-w64 toolchain
- lifting-bits/anvill: ANVILL forges beautiful LLVM bitcode out of raw machine code
- securesystemslab/multicompiler: LLVM-based compiler to create artificial software diversity to protect software from code-reuse attacks.
- LLD - The LLVM Linker — lld 11 documentation
- llvm-ar - LLVM archiver — LLVM 8 documentation
- Lecture 6 Overview of the LLVM Compiler
- LLVM: llvm::ValueMap< KeyT, ValueT, Config > Class Template Reference
- llvm/ValueMap.h at master · llvm-mirror/llvm
- LLVM: llvm::ValueMap< KeyT, ValueT, Config > Class Template Reference
- LLVM Programmer’s Manual — LLVM 9 documentation
- Matching source-level CFG basic blocks to LLVM IR basic blocks - Adam Rehn
- Open Source: 2018 - Java/C++/Python/BigData/Android/
- Project-based-learning: Curated list of project-based tutorials
- The V Programming Language
Intro Courses/Tutorials/Books
Books
Suggested Starting Books
- The Standard C Library
- The Practice of Programming
- The Algorithm Design Manual
- The Unix Programming Environment
- Advanced Programming in the UNIX Environment
- Design Patterns: Elements of Reusable Object-Oriented Software
- C Programming Language - K & R
- free-programming-books/free-programming-books.md at master · EbookFoundation/free-programming-books
- The Pragmatic Programmer: From Journeyman to Master: 8601404321023: Computer Science Books @ Amazon.com
- Free Programming Books – GoalKicker.com
- What book made you a better developer? : learnprogramming
- Structure and Interpretation of Computer Programs
- Welcome to the SICP Web Site
- SICP - Structure and Interpretation of Computer Programs
- Structure and Interpretation of Computer Programs - 2nd Edition (MIT Electrical Engineering and Computer Science): Harold Abelson, Gerald Jay Sussman, Julie Sussman: 9780262510875: Amazon.com: Books
- The Pragmatic Programmer: From Journeyman to Master: 8601404321023: Computer Science Books @ Amazon.com
- Catalog - zyBooks
- Code Complete: A Practical Handbook of Software Construction, Second Edition: Steve McConnell: 0790145196705: Amazon.com: Books
- Introduction to Computer Organization | No Starch Press
- Bare Metal C | No Starch Press
Harvard Stuff (CS 50)
- CS50's Introduction to Computer Science | edX
- CS50 - Reference
- Introduction to Game Development
- CSCI S-51: Introduction to Computer Science II
- CS 61: Systems Programming and Machine Organization
- CS50
Carnegie Mellon - Intro to Comp Sci
- CMU - Intro to Computer Systems and Foundations of Computer Systems
Berkeley Intro to CS, DS, and Comp Arch
- Berkeley 61A - Intro to CS
- Berkeley 61B - Data Structures
- Berkeley 61C - Computer Architecture
- Berkeley CS and EE Course Archives
- Computer Science 61A, 001 - Spring 2011 : Free Movies : Free Download, Borrow and Streaming : Internet Archive
MIT - Writing Good Code
- MIT - Software Construction - How to write good code
Awesome Videos
- CS Dojo - CS Stuff Explained Well!
- Recursion for Beginners: A Beginner's Guide to Recursion - YouTube
- How to solve coding interview problems ("Let's leetcode") - YouTube
- Great Intro Videos - Back To Back SWE - YouTube
- Daniel Schiffman - Tons of Coding Tutorials and Challenge Walkthroughs
Blog Posts To Read
- ABC: Always Be Coding – Always Be Coding – Medium
- Stevey's Blog Rants: Get that job at Google
Is CS Useful? What is CS?
- Is it possible to be self taught and get a good job without a degree?
- Is computer science all about coding? If not, what do we actually learn in computer science in the university? - Quora
- Is "Computer Science != Software Engineering" an excuse to teach programming poorly? - Software Engineering Stack Exchange
- How to learn a new programming language the right way
- GitHub - practical-tutorials/project-based-learning: Curated list of project-based tutorials
- GitHub - codecrafters-io/build-your-own-x: Master programming by recreating your favorite technologies from scratch.
- Intro to Programming, Data Structures, Algorithms
- Free Code Camp - Various Programming Languages and Things
- ossu/computer-science: Path to a free self-taught education in Computer Science!
- Coding-interview-university: A complete computer science study plan to become a software engineer.
- Teach Yourself Computer Science
- List of free university courses for learning Computer Science!
- awesome-courses
- Google's CS Guide
- professional-programming github repo
- Learn Computer Science | Free Online Courses | Class Central
- Intro to Systems Software - C/x86 ASM/Memory Management/GDB
- /r/learnprogramming
- Cisco DevNet: APIs, SDKs, Sandbox, and Community for Cisco Developers
- Good Pointer Introduction
- Learn X in Y Minutes: Scenic Programming Language Tours
- microsoft/Microsoft-3D-Movie-Maker: This is the source code for the original Microsoft 3D Movie Maker released in 1995. This is not supported software.
Useful Tools/Cheatsheets/Other
Git & Github Stuff
Github Actions
- Understanding GitHub Actions - GitHub Docs
- Github Actions | Expressions - GitHub Docs
- Github Actions | Contexts - GitHub Docs
- Github Actions Example | capa/.github/workflows at master · mandiant/capa
- Github Actions Example 2 | capa-rules/.github/workflows at master · mandiant/capa-rules
- Github Actions Example 3 | VM-Packages/.github/workflows at main · mandiant/VM-Packages
Tutorials/Labs/Books
- Git - Book
- GitHub Learning Lab
- Git Tutorial - Try Git
- GitHub Learning Lab Teaches You GitHub by Using GitHub (Yes, Really)
- Visual way to learn Git branching
- Learn Git - DeployHQ
- CMU Git Quickstart
- Learn Git Branching
Good Tips and Help
- Adding a new SSH key to your GitHub account - User Documentation
- Follow these simple rules and you’ll become a Git and GitHub master
- How to save a puppy by creating a clean Git repo
- Writing good commit messages · erlang/otp Wiki
- Merge commits don't appear in git rebase --interactive - Stack Overflow
- Oh, shit, git!
- Lightning Talk: Git add -p · GitHub
- Removing files from Git Large File Storage - GitHub Docs
- Simple steps to uninstall Git LFS from your repository · Issue #3026 · git-lfs/git-lfs
- GitHub Code Search (Preview)
- Github Cloud Dev Environment | 33 hrs/month of free | Github Codespaces
- index :: Git Cheatsheet :: NDP Software
- Fun Things You Can Do With github.dev 😎 - DEV Community
Terminals/Code Editors
Vim
- 78 Keyboard Shortcuts for VIM
- PacVim - A Game That Teaches You Vim Commands
- Vim Cheat Sheet - English
- Vi Vim frozen fix
- How do I change tab size in Vim? - Stack Overflow
- Mastering the VI editor | Susnet
- Vim Tutorial for Beginners: vimtutor - SysTutorials
- neoclide/coc.nvim: Intellisense engine for vim8 & neovim, full language server protocol support as VSCode
- MaskRay/ccls: C/C++/ObjC language server supporting cross references, hierarchies, completion and semantic highlighting
- junegunn/fzf.vim: fzf vim
- junegunn/vim-easy-align: A Vim alignment plugin
- vim-syntastic/syntastic: Syntax checking hacks for vim
- Vim Awesome
- ycm-core/YouCompleteMe: A code-completion engine for Vim
VSCode
Useful Plugins
- CodeTour - record and playback guided tours of codebases
- [Preview] README.md - codetour [GitHub] - Visual Studio Code - GitHub
- GitHub Copilot · Your AI pair programmer
- VSCode Browser
- vscode text fix
- chriskempson/tomorrow-theme: Tomorrow Theme the precursor to Base16 Theme
- vscode settings - Is there a quick change tabs function in Visual Studio Code? - Stack Overflow
- visual studio-code: Unable to edit keybingings.json "cannot edit in read-only editor" - Stack Overflow
Visual Studio
- Visual Studio Keyboard Shortcuts
- sshx
- Online Interactive Terminal Sharing | sshx: Fast, collaborative live terminal sharing over the web
ChatGPT/Bard/AI Tools
- Santiago Valdarrama on LinkedIn: 9 ways ChatGPT saves me hours of work every day, and why you'll never… | 1,676 comments
Regex
- RegExr: Learn, Build, & Test RegEx
- Regex Tutorial - Repetition with Star and Plus
- Regex 101: Online Regex Tester
- Debuggex: Online visual regex tester. JavaScript, Python, and PCRE.
- How to Regex: A Practical Guide to Regular Expressions (Regex) for Hackers | @Bugcrowd
- RegExr: Learn, Build, & Test RegEx
- Regex Tutorial - Repetition with Star and Plus
- AutoRegex: Convert from English to RegEx with Natural Language Processing
- regex finditer - How can I find all matches to a regular expression in Python? - Stack Overflow
- Regex Tutorial - Backreferences To Match The Same Text Again
- Regex Tutorial - Lookahead and Lookbehind Zero-Length Assertions
- re — Regular expression operations — Python 3.10.5 documentation
- regex - How do I extract HTML img sources with a regular expression? - Stack Overflow
- Regex Match all characters between two strings - Stack Overflow
- Implementing Regular Expressions
- Irregular expressions - tavianator.com
JSON
- GitHub - AykutSarac/jsoncrack.com: 🔮 Seamlessly visualize your JSON data instantly into graphs; paste, import or fetch!
Diagrams and Modelling
- yEd - Graph Editor
- Visio Online—anywhere, anytime access to your diagrams - Microsoft 365 Blog
- StarUML
- staruml-gitbook/README.md at master · staruml/staruml-gitbook
- PlantUML - Visual Studio Marketplace
- qjebbs/vscode-plantuml: Rich PlantUML support for Visual Studio Code.
- GitHub - mingrammer/diagrams: Diagram as Code for prototyping cloud system architectures
Logic Gates/Binary Things
- Binary Fundamentals
Programming Collaboration
- Visual Studio Live Share: Real-Time Code Collaboration Tool
- Introducing Visual Studio Live Share
- Atlassian Bitbucket Git Code Management Tool for Teams
- github/copilot-docs: Documentation for GitHub Copilot
- OverAPI.com | Collecting all the cheat sheets
- Code Quality Checker List
- An Illustrated Guide to Some Useful Command Line Tools - WezM.net by Wesley Moore
- Valgrind Memcheck
- memory leaks - How to use valgrind with python? - Stack Overflow
- c - How do I use valgrind to find memory leaks? - Stack Overflow
- Introducing Microsoft Application Inspector
- The Missing Semester of Your CS Education · the missing semester of your cs education
- Missing Semester IAP 2020 - YouTube
- moyix/mmgrep: Fast search for binary strings
- CoderPad: Live Coding Interview Platform & Technical Assessment Tool
- explainshell.com - match command-line arguments to their help text
- Denigma - AI that reads and explains code in understandable english
- OneCompiler - Write, run and share code online
Challenge and Project Sites
Projects
- Curated list of C/C++ project-based tutorials
- Programming · isislab/Project-Ideas Wiki
- Explore · GitHub
- Golly Game of Life Home Page
- John Conway's Game of Life
Challenges and Coding Questions
- Recommended? - Pluralsight - SkillIQ
- Must Do Coding Questions for Companies like Amazon, Microsoft, Adobe, ... - GeeksforGeeks
- GOOD - LeetCode - The World's Leading Online Programming Learning Platform
- Codeforces
- CodinGame - Practice coding with fun programming challenges - CodinGame
- HackerRank | Technical Recruiting | Hiring the Best Engineers
- Explore 150+ Coding Challenges | edabit.com
- /r/DailyProgrammer Challenges!
- code challenge - Build a working game of Tetris in Conway's Game of Life - Programming Puzzles & Code Golf Stack Exchange
- Coderbyte | Programming challenges and courses
- Topcoder - Competitive Programming
- Project Euler | Fun Challenges
- Programming Tasks/Challenges
- #100DaysOfCode Official Website
- CodeCombat - Coding games to learn Python and JavaScript | CodeCombat
- Coding Puzzles | Facebook Recruiting
Best Practices and Advanced Topics for Programming
Books and Videos
- programming VOD's | Tsoding's Videos - Twitch
- Programming Pearls (2nd Edition): Jon Bentley: 0785342657883: Amazon.com: Books
- Code Complete: A Practical Handbook of Software Construction, Second Edition: Steve McConnell: 0790145196705: Amazon.com: Books
- First Few Chaps CMU Recommended - The Practice of Programming (Addison-Wesley Professional Computing Series) eBook: Brian W. Kernighan, Rob Pike: Kindle Store
- Martin Fowler @ OOP2014 "Workflows of Refactoring" - YouTube
- Understanding Computation
- Clean Architecture: A Craftsman's Guide to Software Structure and Design (Robert C. Martin Series) 1, Martin, Robert C., eBook - AmazonSmile
- Autotools - No Starch Press (April 24 - 40% off WORLDBOOKDAY)
- Write Great Code, Volume 1, 2nd Edition | No Starch Press
- Write Great Code, Volume 2, 2nd Edition | No Starch Press
- Write Great Code, Volume 3 | No Starch Press
- ThePrimeagen - Programming YouTuber
Makefile/CMake
- Must Read - Makefiles – Mrbook's Stuff
- Automatic make file generator
- GNU make
- CMake Tutorial | CMake
- Introduction to CMake | Skand Hurkat
- CMake Tutorial | CMake
- Unix Makefile Tutorial
- GNU Make Manual - GNU Project - Free Software Foundation
- Makefile Tutorial by Example
- GNU make
- Stanford UnixProgrammingTools.pdf
- The magic behind configure, make, make install
- Introduction to CMake by Example | derekmolloy.ie
Optimization
- Basic tips for optimizing code for speed
- Cell lists - Wikipedia
- java - Why is "2 * (i * i)" faster than "2 * i * i"? - Stack Overflow
- Denis Yaroshevskiy - YouTube
- Jonas Skeppstedt - YouTube
Refactoring, Object Oriented Programming, and Design Patterns
Object Oriented Programming
Books for OOP
- The Best Go To Book for Design Patterns
- Refactoring: Improving the Design of Existing Code
Videos for OOP
- "The Clean Code Talks -- Inheritance, Polymorphism, & Testing" - YouTube
- C++ Tutorial 11 : Polymorphism - YouTube
- "Uncle" Bob Martin - YouTube
Courses for OOP
- Introduction to Object-oriented Programming - MIT OpenCourseWare
- Object-Oriented Programming - MIT OpenCourseWare
- Encapsulation, Inheritance, Shadowing - MIT OpenCourseWare
- University of Helsinki - Object-Oriented programming with Java, part I
- Stanford - CS108: Object Oriented Programming
- CS 3500: Object-Oriented Design
- Introduction to Object-Oriented Programming with Java Professional Certificate | edX
- Design Patterns | Object Oriented Design
- the_skills_poor_programmers_lack.md
- Polymorphism - C++ Tutorials
- OOP Concept for Beginners: What is Abstraction?
- 4.2. Introduction to Object Oriented Programming — OpenDSA Data Structures and Algorithms Modules Collection
- OOP Recommendations: Head First Java, 2nd Edition
- Recommended for OOP: Head First Object-Oriented Analysis and Design
- Head First Design Patterns: Building Extensible and Maintainable Object-Oriented Software
- Head First Object-Oriented Analysis and Design
- C-4125L-TM Python Object Oriented Programming - Python
- SOLID - Wikipedia
- Class vs a function | Codecademy
Design Patterns
- All Design Patterns Video Tutorials - YouTube
- Software Design Patterns - GeeksforGeeks
- Recommended for OOP: Head First Design Patterns Book
- Design Principles
- Design Patterns - Python
- Head First Design Patterns Book
- Design Patterns: Elements of Reusable Object-Oriented Software
Refactoring
- Code refactoring - Wikipedia
- Refactoring: When and Why (Okay example in PERL)
- The Clean Coder: A Code of Conduct for Professional Programmers: Robert C. Martin: 4708364241379: Amazon.com: Books
- Refactoring
- Refactoring: Improving the Design of Existing Code (2nd Edition) (Addison-Wesley Signature Series (Fowler)): Martin Fowler: 9780134757599: Amazon.com: Books
- Refactoring: Improving the Design of Existing Code (2nd Edition) (Addison-Wesley Signature Series (Fowler)): Fowler, Martin: 9780134757599: Amazon.com: Books
- Notes on Data Structures and Programming Techniques (CPSC 223, Spring 2018)
- MIT - Software Construction - How to write good code
- Refactoring and Design Patterns
Pointer Stuff
- Double Pointers in C/C++ - DEV Community 👩💻👨💻
- Chapter 22: Pointers to Pointers
User Programming References
- kernel_user_space_howto - The Linux Documentation Project
- LXR / The Linux Cross Reference
- linux - What is the difference between procfs and sysfs? - Unix & Linux Stack Exchange
- Configfs - an introduction [LWN.net]
- debugfs - yet another in-kernel file system [LWN.net]
- Kernel Korner - Why and How to Use Netlink Socket | Linux Journal
- networking:generic_netlink_howto [Wiki]
- Generic Netlink HOW-TO based on Jamal's original doc [LWN.net]
- ioctl - Wikipedia
- GitHub - Kristories/awesome-guidelines: A curated list of high quality coding style conventions and standards.
- GitHub - mtdvio/every-programmer-should-know: A collection of (mostly) technical things every software developer should know about
- Meta Coding Tips
- Advanced Programming Topics
- Computer Programming/Standards and Best Practices - Wikibooks, open books for an open world
- Set (abstract data type) - Wikipedia
- Library (computing) - Wikipedia
- Code Review Stack Exchange
- Stanford Clean Code - Abstraction vs Implementation
- 3 creative techniques for writing modular code | TechBeacon
- Bit Twiddling Hacks
- Why glibc and pthread library both defined same APIs? - Stack Overflow
- Programming Tips
Debugging Stuff
- The Debugging Book
- Debugging: The 9 Indispensable Rules for Finding Even the Most Elusive Software and Hardware Problems: Agans, David J: 9780814474570: Amazon.com: Books
- The Case of the Connection Timeout
- The Case of the Slow Websites
- Debugging in Visual Studio Code
- Kernel Debugger Design - HyperDbg Research
- Debugging with PTrace
- Introduction to Debuggers
- Writing a Debugger From Scratch - DbgRs Part 2 - Register State and Stepping // TimDbg
Interview Stuff
System Design
- Grokking the System Design Interview - Learn Interactively
- Cracking system design interviews: example questions and prep – IGotAnOffer
- System Design Interview – An Insider's Guide: Volume 2: Xu, Alex, Lam, Sahn: 9781736049112: Amazon.com: Books
- ByteByteGo | System Design Blog
Programming/LeetCode
- The DEFINITIVE way on how to LeetCode properly. (Hint: You are most likely doing it wrong!) : r/cscareerquestions
- DFS - a list by RevathyGovind - LeetCode
- Split BST - LeetCode
- Graph Data Structure And Algorithms - GeeksforGeeks
- Binary Tree Data Structure - GeeksforGeeks
- Queue Data Structure - GeeksforGeeks
- Two Pointers Technique - GeeksforGeeks
- Microsoft Salary Negotiation - How to Maximize Your Microsoft Job Offer
- Tips to Get Hired & Interview Preparation | Microsoft Careers
- Interview Prep Hub | Facebook Recruiting
- Software Engineering: Initial Technical Interview on Vimeo
- Heap LeetCode
Security Engineer Interviews
- Google Virtual Interview
- Google Recommended Review - Notes/interview-study-notes-for-security-engineering.md at master · gracenolan/Notes
- Google Infosec Interview : AskNetsec
- Transport Layer Security - Wikipedia
- does tls/ssl use symmetric or asymmetric encryption - Google Search
- Information Security Engineer, Offensive Security - Google - New York, NY, USA - Reston, VA, USA - Washington, DC, USA - United States - Google Careers
- Google Security Engineer Interview Questions | Glassdoor
- My experience with Google interview for information security engineer
- same origin policy - Google Search
- CSRF - Google Search
- Explain in detail how traceroute works - Google Search
- Google Interview Question: Write a function that can determine if an input number is a power of 2. | Glassdoor
- Describe HMAC in detail. - Google Search
- How to Hack a Website: Hacking Websites Online Example
- Hack This Site | Hacking Websites | How to Hack a Website?
- What Are The Most Common Website Hacking Techniques? - Patchstack
- How to Hack a Website: Step-by-Step Website Hacking Guide 2022
- common algorithms and their use cases - Google Search
- common data structures and their use cases - Google Search
- Designing a distributed web scraper - Stack Overflow
- How can I create a distributed web scraper? - Quora
- Mastering Web Scraping in Python: Scaling to Distributed Crawling - ZenRows
- how to get data from a powered down device - Google Search
- How to create a botnet - Google Search
- What happens when you go to google.com - Google Search
- Google Recommended Blog - Pwning the security engineer interview – All Things Pwned!
- Google Online Security Blog
- how to protect a network - Google Search
- How would you go about securing a web server - Google Search
- Google Security Engineer Interview Questions | Glassdoor
- Google Information Security Interviews for Security Engineer - Blind
- Information Security Engineer Interview with Google - Blind
- Why you shouldn't send passwords in a GET request - Google Search
- authentication - Is it bad practice to use GET method as login username/password for administrators? - Information Security Stack Exchange
- authentication - Are security concerns sending a password using a GET request over https valid? - Stack Overflow
- IBM Docs
- An overview of the SSL or TLS handshake - IBM Documentation
- SSL Handshake - Google Search
- What happens in a TLS handshake? | SSL handshake | Cloudflare
- secure login functionality in python - Google Search
- securing client to server connections - Google Search
- 60 Cybersecurity Interview Questions [2019 Update] - Daniel Miessler
- How does ssh work - Google Search
- what are the modes of AES - Google Search
- fuzzing - Google Search
- A blueprint for evading industry leading endpoint protection in 2022 | Vincent Van Mieghem
- Duchess of SusSec – Medium
- 25+ Google Systems Design Interview Questions for Software Developers
- Google Cyber Security Interview Prep
- Google Leadership Principles Interview Questions
- What should I expect in a Security Engineer interview at Google and how should I prepare? - Quora
- Technical Interview Algorithms: The Tier List
- Offensive Security Engineer, Purple Team | Meta Careers
- Security Engineer, Investigations and Response | Meta Careers
- Security Engineer Investigator, Core Platform Security | Meta Careers
- Security Analyst
- Privacy Engineer, Red Team | Meta Careers
- MUST READ - The Interview Study Guide For Software Engineers
- 9 Behavioral Questions for Your Next Big Interview | Interview Prep
- How do you get better at coding interviews? : learnprogramming
- A list of events and fellowship opportunities for Computer Science students
- tech-interview-handbook: Algorithms study materials, behavioral content and tips for rocking your coding interview
- Google Interview Problems: Synonymous Queries – Alex Golec – Medium
- joyoyao/interviews: Everything you need to know to get the job.
- The Interview Study Guide For Data Engineers
- User Level thread Vs Kernel Level thread - LeetCode Discuss
- Intro to Processes & Threads - YouTube
- Difference Between Process and Thread - Georgia Tech - Advanced Operating Systems - YouTube
- Difference between forking and multithreading - LeetCode Discuss
- Start With: Grokking the Coding Interview: Patterns for Coding Questions - Learn Interactively
- Second (by Data Structure): Explore - LeetCode
- Helps with Pressure during Interview: Practice Mock Interviews & Coding Problems - Land Top Jobs | Pramp
- Calibrated SWE FAANG Interview: Anonymous Technical Mock Interviews | interviewing.io
- Google Interview - Q&A and AMA Live Stream - YouTube
Data Structures
Good Videos for Data Structures
- Data Structures & Algorithms #1 - What Are Data Structures? - YouTube
- Dynamic Arrays - Dynamic Arrays and Amortized Analysis | Coursera
- Data Structures: Linked Lists - YouTube
- UC San Diego - Linked Lists vs. Arrays - Interfaces, Linked Lists vs. Arrays, and Correctness
- Data Structures: Trees - YouTube
- Data Structures: Heaps - YouTube
- Data Structures: Hash Tables - YouTube
- UC San Diego - Phone Book Problem - Hash Tables | Coursera
- Data Structures: Stacks and Queues - YouTube
- Data Structures: Crash Course Computer Science #14 - YouTube
- Data Structures: Tries - YouTube
- Binary Heaps: Part 1 - YouTube
- UCSD Data Structures and Algorithms | Coursera
- Stanford Linked List Problems
- Stanford Linked List Basics
- Stanford Binary Trees
- UC Irvine - CS 261 Data Structures
- Georgia Tech - Data Structures and Algorithms Professional Certificate | edX
Algorithms & Computational Theory
Courses
Intro To Algorithms Courses
- Algorithms by Jeff Erickson
- JeffE-Algorithms Hw's, Labs, and Tests
- JeffE - Algorithms - Lecture and Lab Schedule
- Intro to Algorithms | Udacity
- Introduction to Algorithms | Electrical Engineering and Computer Science | MIT OpenCourseWare
- Divide and Conquer, Sorting and Searching, and Randomized Algorithms | Coursera
- Graph Search, Shortest Paths, and Data Structures | Coursera
- Greedy Algorithms, Minimum Spanning Trees, and Dynamic Programming | Coursera
- Shortest Paths Revisited, NP-Complete Problems and What To Do About Them | Coursera
- Dynamic Programming | Competitive Programmer's Core Skills | Coursera
Graduate Intro to Algorithms
- Introduction to Graduate Algorithms - Udacity
Advanced Algorithms Courses
- Harvard - Advanced Algorithms (CS 224)
- Advanced Data Structures - GeeksforGeeks
Computational Theory
- Introduction to the Theory of Computation | Stanford Online
- Computer Science: Algorithms, Theory, and Machines | Coursera
- CMSC 652 --- Complexity Theory
- The Nature Of Computation
- https://courses.csail.mit.edu/6.042/spring17/mcs.pdf - Google Search
- Algorithms | Computer science | Computing | Khan Academy
- Algorithmic Complexity
- Asymptotic Complexity | Cornell
- CMU complexity of Algorithms
- CMU-Computational Complexity
- Georgia Tech Graduate Algorithms
- Schedule: Fall 2018 | cs6505
- cs6505
- Stanford CS103: Mathematical Foundations of Computing
- Stanford CS 103: Mathematical Foundations of Computing | Stanford Online
- Automata Theory | edX
- Video Lectures | Mathematics for Computer Science | Electrical Engineering and Computer Science | MIT OpenCourseWare
Good Videos For Algorithms
- 19. Dynamic Programming I: Fibonacci, Shortest Paths - YouTube
- What is complexity theory? (P vs. NP explained visually) - YouTube
- Algorithms: Graph Search, DFS and BFS - YouTube
- Algorithms: Binary Search - YouTube
- Binary Search Tree Review - YouTube
- Python Algorithms for Interviews - YouTube
- Algorithms: Recursion - YouTube
- Algorithms: Bubble Sort - YouTube
- Algorithms: Merge Sort - YouTube
- Algorithms: Quicksort - YouTube
- Introduction to Big O Notation and Time Complexity (Data Structures & Algorithms #7) - YouTube
- Asymptotic Notation - YouTube
- Dynamic Programming (Think Like a Programmer) - YouTube
- Algorithms: Memoization and Dynamic Programming - YouTube
- Dynamic Programming I: Fibonacci, Shortest Paths - YouTube
- Dynamic Programming II: Text Justification, Blackjack - YouTube
- Alternate proof to induction for integer sum | Precalculus | Khan Academy - YouTube
Books
- Mastering Algorithms with C [Book]
- Book of Proof: Richard Hammack: 9780989472104: Amazon.com: Books
- Grokking Algorithms: An Illustrated Guide for Programmers and Other Curious People: Bhargava, Aditya: 4708364241294: Amazon.com: Books
Videos
- GOOD - LeetCode - The World's Leading Online Programming Learning Platform
- USACO - algorithm design problems
- Recursion Visualizer
- VisuAlgo - visualising data structures and algorithms through animation
- Algorithms for Visual Learners | Hackaday
- Red Blob Games
- Big-O Algorithm Complexity Cheat Sheet (Know Thy Complexities!) @ericdrowell
- A Gentle Introduction to Algorithm Complexity Analysis
- Analysis of Algorithms | Set 4 (Analysis of Loops) - GeeksforGeeks
- Greedy Archives - GeeksforGeeks
- Oracle machine - Wikipedia
- Introduction to A*
- Introduction to the A* Algorithm
- Asymptotic notation (article) | Algorithms | Khan Academy
- Big-O notation (article) | Algorithms | Khan Academy
- Finding Max Flow using the Ford-Fulkerson Algorithm and Matthew McConaughey: a step-by-step explanation|downey.io
Software Engineering, Architecture, & System Design
System Design
- System-design-primer: Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.
- Fernando 🇮🇹🇨🇭 on Twitter: "System design is the most challenging and exciting type of tech interview. Here is a complete list of topics that will help you get ready: {0/18} ↓" / Twitter
- John Crickett on LinkedIn: 75 Engineering blogs worth reading to improve your system design: High… | 53 comments
- software design principle - Google Search
- System Design Interview Guide for Senior Engineers
Software Engineering
SE Books
- Five Books that Changed My Career as a Software Engineer
- Software Engineering at Google
SE Courses
- Berkeley Foundations of Software Engineering
- UC Berkeley CS 169 Software Engineering
- Free 30 Week Software Engineering Bootcamp - Class 01 - Learn The Basics Of HTML! #100Devs - YouTube
- CMU - Syllabus for Software Engineering
SE Tools
- SequenceDiagram.org - UML Sequence Diagram Online Tool
Blogs To Read
- Good Software Engineering Blog
SOLID Principle
- S.O.L.I.D: The First 5 Principles of Object Oriented Design | DigitalOcean
- SOLID - Wikipedia
- S.O.L.I.D principles: what are they and why projects should use them | by Mariana Azevedo | Medium
DRY Principle
- The DRY Principle: Benefits and Costs with Examples
Single Responsibility Principle
- single responsibility principle - Google Search
Decoupling
- software decoupling - Google Search
Software Architecture
Courses and Certifications
- Software Architecture: Principles and Practices - eLearning
- Software Architecture Design and Analysis
- SEI Software Architecture Professional Certificate
- Book: Designing Software Architectures: A Practical Approach - Google Search
- Software Architecture Patterns
- Software architecture | cosmicpython/book: A Book about Pythonic Application Architecture Patterns for Managing Complexity. Cosmos is the Opposite of Chaos you see. O'R. wouldn't actually let us call it "Cosmic Python" tho.
- twelve-factor app is a methodology for building software-as-a-service apps
Full Stack Dev/Web Dev (Front/Back End & UX/UI)
Frontend Development
Cool Stuff to Implement
- bleuje
- bleuje - Creative Animations with programming
- glowy hover effect
- grab/front-end-guide: 📚 Study guide and introduction to the modern front end stack.
- CSS Tutorial
- GitHub - yangshun/front-end-interview-handbook: ⚡️ Front End interview preparation materials for busy engineers
- YouTube - Web Dev Stuff
- Frontend Mentor | Challenges
Backend Development
Web Frameworks
- React – A JavaScript library for building user interfaces
- AngularJS — Superheroic JavaScript MVW Framework
Full Stack
Courses
- Highly Recommended Web Dev Course: The Web Developer Bootcamp: Learn HTML, CSS, Node, and More! | Udemy
- The Advanced Web Developer Bootcamp | Udemy
- Free Full Stack Course: App Academy Open
- Courses | The Odin Project
- Super Crash Course in Full Stack Web Development with Python and Django
- A collection of full-stack resources for programmers.
- freeCodeCamp - Full Stack Tutorial
- Full stack open 2021
- Full Stack Book: crash-course-django
Scalability & Microservices Stuff
- The Art of Scalability: Scalable Web Architecture, Processes, and Organizations for the Modern Enterprise (2nd Edition): Martin L. Abbott, Michael T. Fisher: 8601421951173: Amazon.com: Books
- What are microservices?
- Microservice Architecture and Design Patterns for Microservices
- Microservices + Events + Docker = A Perfect Trio - YouTube
- Awesome AI Assisted Editor from Google | Project IDX
- Syllabus - CS50 Beyond (Web App Dev)
- CS50's Web Programming with Python and JavaScript | edX
- Web Applications | Stanford Online
ML/AI/Data Science/Data Analytics/Data Engineering
Data Science/ML/AI/Big Data
Machine Learning
Intro to Machine Learning?
- 7 Steps to Mastering Machine Learning With Python
- Top 10 Machine Learning Algorithms for Beginners
- 8 Fun Machine Learning Projects for Beginners
- Andrew NG Intro to Machine Learning
- scikit-learn: machine learning in Python — scikit-learn 0.19.1 documentation
- Metacademy - Deep learning from the bottom up
- Deep Learning For Coders—36 hours of lessons for free
- Machine Learning - complete course notes
- Visualizing K-Means Clustering
Machine Learning Books
- Machine Learning textbook
- Pattern Recognition and Machine Learning (Information Science and Statistics): Christopher M. Bishop: 9780387310732: Amazon.com: Books
- Machine Learning: The Art and Science of Algorithms that Make Sense of Data: Peter Flach: 9781107422223: Amazon.com: Books
- Foundations of Machine Learning (Adaptive Computation and Machine Learning series): Mehryar Mohri, Afshin Rostamizadeh, Ameet Talwalkar: 9780262018258: Amazon.com: Books
- Introduction to Evolutionary Computing (Natural Computing Series): Agoston E. Eiben, J.E. Smith: 9783642072857: Amazon.com: Books
- Machine Learning Books : MachineLearning
- Essentials.pdf
- awesome-machine-learning/books.md at master · josephmisiti/awesome-machine-learning · GitHub
- 65 Machine Learning and Data books for free
Machine Learning Courses
Crash Courses
- https://ml.berkeley.edu/blog/2016/11/06/tutorial-1/
- Machine Learning & Artificial Intelligence: Crash Course Computer Science #34 - YouTube
- Crash Course in Machine Learning – IoT For All – Medium
- Prof. Lorenzo Rosasco (part 1) - Machine Learning: A basic toolkit - YouTube
- Google's Machine Learning Crash Course | Google Developers
Cornell's Machine Learning for Intelligent Systems
- Syllabus | Machine Learning for Intelligent Systems
- CORNELL CS4780 "Machine Learning for Intelligent Systems"
- Lecture Notes
- A List of Awesome Machine Learning Courses
- Another Awesome List of Machine Learning Courses
- Applied Machine Learning (Cornell Tech CS 5787, Fall 2020) - YouTube
- 13. Learning: Genetic Algorithms - YouTube
- Deep Learning Summer School, Montreal 2015 - VideoLectures - VideoLectures.NET
- 9.520/6.860, Fall 2017
- Stanford University: Tensorflow for Deep Learning Research
- Columbia - Machine Learning 4771
- CS 189/289A: Introduction to Machine Learning
- Stanford University CS224d: Deep Learning for Natural Language Processing
- Stanford University CS231n: Convolutional Neural Networks for Visual Recognition
- oxford-cs-deepnlp-2017
- UMD CMSC 726: Machine Learning
- Review of Probability Theory
- Linear Algebra Review
- Convex Optimization
- Georgia Tech | Machine Learning
- TensorFlow Certificate | Google Developers Certification
- DeepLearning.AI TensorFlow Developer Professional Certificate | Coursera
Machine Learning Challenges
- openai Gym
Deep Learning and Machine Learning Tutorials
- Deep Learning
- Tutorials « Deep Learning
- Deep Learning Tutorials — DeepLearning 0.1 documentation
- MarI/O - Machine Learning for Video Games - YouTube
- NEATEvolve.lua - Pastebin.com
Reinforcement Learning
Q Learning
- A Painless Q-Learning Tutorial
- RL Course
- Reinforcement Learning Introduction - Georgia Tech - Machine Learning - YouTube
- GIAC Machine Learning Engineer Certification | Cybersecurity Certification
- Collection: Getting started with machine learning · GitHub
- GitHub - josephmisiti/awesome-machine-learning: A curated list of awesome Machine Learning frameworks, libraries and software.
- A curated list of adversarial machine learning resources
- Machine Learning for Cyber Security Resources
- index - MachineLearning
- [D] What is the best ML paper you read in 2018 and why? : MachineLearning
- /r/Machine Learning
- Intro Machine Learning Resources
- Start Here With Machine Learning - Machine Learning Mastery
- Welcome — Theano 1.0.0 documentation
- TensorFlow
- Choosing the right estimator — scikit-learn 0.19.1 documentation
- Geoffrey Hinton Neural Networks for Machine Learning
- scikit-learn: machine learning in Python — scikit-learn 0.24.1 documentation
- GitHub - remicnrd/ml_cheatsheet: A 5-pages only Machine Learning cheatsheet focusing on the most popular algorithms under the hood
- "Mastering your Machine Learning Interview 🧑🏫 I've summarized some great resources for you that will help you with your Machine Learning interview. Read below 👇" / Twitter
- Fernando Magno Quintao Pereira - YouTube
- MLKM (Machine Learning with Kernel Methods)
Artificial Intelligence
AI Courses
- Intro AI Resources
- Berkeley AI Materials
- MIT - The Society of Mind | Electrical Engineering and Computer Science | MIT OpenCourseWare
- Deep Learning AI by Andrew Ng - Google Search
- Artificial Intelligence | Electrical Engineering and Computer Science | MIT OpenCourseWare
- Artificial Intelligence: A Modern Approach (3rd Edition)
- 605.645 Artificial Intelligence (Butcher, S.) | Johns Hopkins University Engineering for Professionals
- AI 1: CS 7637: Knowledge-Based Artificial Intelligence: Cognitive Systems | OMSCS | Georgia Institute of Technology | Atlanta, GA
- AI 1: CS 8803: Artificial Intelligence for Robotics | OMSCS | Georgia Institute of Technology | Atlanta, GA
- AI 2: CS 6601: Artificial Intelligence | OMSCS | Georgia Institute of Technology | Atlanta, GA
- Cornell - CS 4700: Foundations of Artificial Intelligence
- Cornell - CS 6700: Advanced Artificial Intelligence
- New Google Cloud generative AI training resources | Google Cloud Blog
- AISecurity Resources
- AI Algorithms for Robotics
- Machine Learning & Artificial Intelligence: Crash Course Computer Science #34 - YouTube
- Programs | DeepLearning.AI
- GitHub - joonspk-research/generative_agents: Generative Agents: Interactive Simulacra of Human Behavior
Big Data
- Algorithms for Big Data (CS 229r)
- How to Stream Text Data from Twitch with Sockets in Python – LearnDataSci
- Learn Data Science | Free Online Courses | Class Central
- Statistics and R
- CS109 Data Science
- Learning From Data - Online Course (MOOC)
- Kaggle: Your Home for Data Science
- How to start with data analysis and data science
Data Analytics
- Interview Warmup - Grow with Google
Data Engineering
- Data Engineering Intro Project Idea
Data Visualization
- The D3 Graph Gallery – Simple charts made with d3.js
- D3.js Scatterplot
- Tutorials · d3/d3 Wiki · GitHub
- D3.js and Data Visualization | Free Courses | Udacity
- Vega-Altair: Declarative Visualization in Python — Vega-Altair 5.0.0rc1 documentation
- Bespoke Visualizations with a Declarative Twist - Speaker Deck
- GitHub - jakevdp/altair-examples: Some examples of Altair plots
- altair-tutorial/README.md at master · altair-viz/altair-tutorial · GitHub
- Altair Tutorial Intro - PyCon 2018 - Speaker Deck
- d3.js - Full Stack Python
- Combining python and d3.js to create dynamic visualization applications | by Kanishka Narayan | Towards Data Science
- D3 Dashboard Tutorial - Cube Blog
- Build A Dashboard Application with React + D3 | by sdq | Explore, Think, Create | Medium
- Simple D3JS Dashboard · GitHub
- Exploring Seattle Weather — Vega-Altair 5.0.0rc1 documentation
- https://www.chartgpt.dev
- chart-gpt source code: AI tool to build charts based on text input
Genetic Algorithms
- Introduction To Genetic Algorithms | Codecademy
- Topic: evolutionary-computation · GitHub
- An Introduction to Genetic Algorithms (Complex Adaptive Systems): Melanie Mitchell: 9780262631853: Amazon.com: Books
- Field Guide to Genetic Programming
- Microsoft Word - EvolProg_Introduction.doc
- Creating a genetic algorithm for beginners
Bioinformatics
- The Biostar Handbook: 2nd Edition
- FirstMark | 2023 MAD (ML/AI/Data) Landscape
- Classes, Workshops, Training | NVIDIA Deep Learning Institute
- Topic: evolutionary-computation · GitHub
Operating Systems and Systems Programming
Books and Videos
Processes and Threads
- User Level thread Vs Kernel Level thread - LeetCode Discuss
- Intro to Processes & Threads - YouTube
- Difference Between Process and Thread - Georgia Tech - Advanced Operating Systems - YouTube
- Difference between forking and multithreading - LeetCode Discuss
Good Books for Operating Systems
- The Linux Programming Interface: A Linux and UNIX System Programming Handbook: Michael Kerrisk: 9781593272203: Amazon.com: Books
- Advanced Programming in the UNIX Environment, 3rd Edition: W. Richard Stevens, Stephen A. Rago: 9780321637734: Amazon.com: Books
- Computer Systems: An Integrated Approach to Architecture and Operating Systems: Umakishore Ramachandran, William D. Leahy Jr.: 9780321486134: Amazon.com: Books
Good Videos for Operating Systems
- Bitwise, Day 0: Overview and Q&A - YouTube
- Write your own Operating System - YouTube
Carnegie Mellon University OS Course
- OS Book used by CMU
- Other OS Book used by CMU
- Amazing Free OS Book | Operating Systems: Three Easy Pieces
- No Starch Dive into Systems | A gentle introduction to C, Assembly, Computer Systems, Computer Organization, and Parallel computing
- The little book about OS development
- FuzzOS: Day 1, starting the OS - YouTube
- The Linux Kernel Module Programming Guide
OS Courses
Georgia Tech
Georgia Tech Graduate Intro to Operating Systems
Lecture Notes
Recommended Research Papers
- ud923-birrell-paper.pdf
- eykholt.pdf
- ud923-stein-shah-paper.pdf
- paper.dvi
- The Case For Architecture-Aware OS Kernel
- The performance of spin lock alternatives for shared-memory multiprocessors - Parallel and Distributed Systems, IEEE Transactions on
- Formal Requirements for Virtualizable Third Gen Architectures
- Virtual Machine Monitors: Current Tech and Future Trends
- Implementing Remote Procedure Calls
- Caching in the Sprite Network File System
- Distributed Shared Memory: Concepts and Systems - IEEE Parallel & Distributed Technology: Systems & Applications
- GOOD - SystemProgramming Wiki · GitHub
- An Introduction to programming with threads
- hessmjr/operating-systems: Georgia Tech OMSCS - Operating Systems
- drharris/pretty-bonnie: Helps with Bonnie test output on Udacity.
- Interactive map of Linux kernel
- Linux source code: (v4.20) - Bootlin
- Spring19-schedule.xlsx - Google Sheets
- .net - What's the purpose of Thread.SpinWait method? - Stack Overflow
- CppCon 2018: Greg Law “Debugging Linux C++” - YouTube
- The Linux Programming Interface: A Linux and UNIX System Programming Handbook: Michael Kerrisk: 9781593272203: Amazon.com: Books
Georgia Tech Advanced Operating Systems
- AOSPrereq-and-Concepts-List.pdf
- Advanced Operating Systems Readings - Udacity
- Advanced OS Preparedness Test
- Another AOS Preparedness Test
Design of Operating Systems
- CS-3210: Design Operating Systems — CS-3210, Spring 2020 1 documentation
- sslab-gatech/cs3210-rustos-public: Lab assignments for Georgia Tech CS 3210 "Design of Operating Systems"
- CS 2200 An Introduction to Computer Systems and Networks
- CS 2200 - Introduction to Systems and Networking
- CS 2200 - Prof. Kishore Ramachandran - YouTube
- GT CS-3210 Spr2020: Build an operating system in Rust programming language
- Contact Information | Stanford Center for Professional Development
- The Georgia Institute of Technology | edX
MIT
- MIT - Operating System Engineering - Fall 2014
Stanford
- Stanford - Operating Systems - Spring 2014
Berkeley
- Berkeley CS 162: Operating Systems and Programming
Carnegie Mellon University OS Course
- OS Book used by CMU
- Other OS Book used by CMU
- x86 Memory Segmentation and Device Driver Project.pdf
- CMU OS Implementation and Design - Lecture Notes
- CUNY - UNIX System Programming
- Good OS Dev | BrokenThorn Entertainment
- Operating Systems Resources: UIUC
Thread and Process Stuff
- A gentle introduction to multithreading - Internal Pointers
- multithreading - Why should I use a thread vs. using a process? - Stack Overflow
- Thread safety - Wikipedia
- Atomic vs. Non-Atomic Operations
- Can multithreading be implemented on a single processor system? - Stack Overflow
- Parallelism vs. Concurrency - HaskellWiki
- Difference between Multiprogramming, Multitasking, Multithreading and Multiprocessing
- Inter-process communication - Wikipedia
- Process (computing) - Wikipedia
- Concurrency (computer science) - Wikipedia
- Parallel computing - Wikipedia
- Multithreading (computer architecture) - Wikipedia
- multithreading - When one thread blocks in C, why doesn't the entire process block - Stack Overflow
- multithreading - Why blocking system calls blocks entire procedure with user-level threads? - Stack Overflow
- Multi-Threaded Programming With POSIX Threads
- Internals of Windows Thread (TEB)
Embedded & RTOS
- WSU | Embedded and RTOS | 460 Class Notes
- Waterloo - CS452 - Spring 2012
- Introduction to RTOS Part 1 - What is a Real-Time Operating System (RTOS)? | Digi-Key Electronics - YouTube
Linux Specific Stuff
Linux Kernel Research Stuff
- User-mode Linux - Wikipedia
- Heavily Commented Linux Kernel Source Code
- Wonderful World of Linux 3.0 | Kniggit.net
- linux_internals.pdf
- System call - Wikipedia
- The Linux Kernel Module Programming Guide (2.6)
- Syscall Hijacking: Dynamically obtain syscall table address (kernel 2.6.x) | memset's blog
- Syscall Hooking via the Interrupt Descriptor Table (2.6)
- CMSC 421 - Adding a System Call to the Linux Kernel
- SYSENTER - OSDev Wiki
- HowTos/I need the Kernel Source - CentOS Wiki
- Implementing a System Call on Linux 2.6 for i386
- The Linux Kernel, Kernel Modules And Hardware Drivers
- The Linux Kernel API
- Linux Interrupt Handling
- Understanding the Linux Kernel, Third Edition - Amazon
- How Computers Boot Up | Many But Finite
- understanding linuxvmm
- The Kernel Boot Process | Many But Finite
- How The Kernel Manages Your Memory | Many But Finite
- System Calls Make the World Go Round | Many But Finite
- Page Cache, the Affair Between Memory and Files | Many But Finite
- Memory Translation and Segmentation | Many But Finite
- CPU Rings, Privilege, and Protection | Many But Finite
- Linux Memory Management
- Inside the Linux 2.6 Completely Fair Scheduler – IBM Developer
- Tour of the Linux kernel source
- Anatomy of a Program in Memory | Many But Finite
IPC - Interprocess Communication Mechanisms
- Message Queue/IPC
- Beej - Message Queues
- Message Queue
Memory Management
Shared Memory
- Shared Memory - Advanced Linux Programming - pg 98-100
Mapped Memory
- Memory Management
- Linux Memory Management
Process & Threads
Pthreads
- Pthread Examples
- An overview of Linux processes - Real world Linux Blog
- TLDP - Ch 4 - Processes
- Introduction to Linux Threads – Part I
- How to Create Threads in Linux (With a C Example Program)
- What are Linux Processes, Threads, Light Weight Processes, and Process State
Linux Kernel and Device Driver Programming
- The Linux Kernel Module Programming Guide
- Linux Device Drivers, 3rd Edition: Jonathan Corbet, Alessandro Rubini, Greg Kroah-Hartman: 9780596005900: Amazon.com: Books
- Linux Kernel Teaching — The Linux Kernel documentation
- Is linux 'the eudyptula challenge' still alive? - Quora
- 15-410 Project 1: Alibi
- GT Recommended | Linux Kernel Development (3rd Edition)
- GT Recommended | Linux Device Drivers, Third Edition [LWN.net]
- GT Recommended | Understanding the Linux Kernel, Third Edition
- GT Recommended | Understanding the Linux Memory Manager
- The Linux Kernel Module Programming Guide
- [stream] USB: Reverse Engineering and Writing Drivers - YouTube
- The Linux Kernel: Table of Contents
- Linux Internals
- Interrupt handlers · Linux Inside
- Linternals: Introduction
- Linux x86 Program Start Up
- Embedded Linux, kernel and real-time presentations - Bootlin
- Semaphores - Advanced Linux Programming - pg 101-103
- The Linux Programmers Guide
- Linux Kernel Programming Challenge | eudyptula-challenge
- Linux Kernel Map
- Starting Drivers
Generic Kernels and Kernel Programming
Kernel Programming
- Hello, World (part 1): The Simplest Module
- Bran's Kernel Development Tutorial
- eduOS - A teaching operating system
- Writing a Linux Kernel Module — Part 1: Introduction | derekmolloy.ie
- Amazon.com: Linux Kernel Development (8601300366272): Love, Robert: Books
- Kernels 101 – Let’s write a Kernel - Arjun Sreedharan
- Kernels 201 - Let’s write a Kernel with keyboard and screen support - Arjun Sreedharan
RTOS
- Waterloo - CS452 - Spring 2012
Generic Kernels
- Kernels 101 – Let’s write a Kernel - Arjun Sreedharan
- Kernels 201 - Let’s write a Kernel with keyboard and screen support - Arjun Sreedharan
Good Intro to OS Writing Stuff
- OS Development Bare Bones - OSDev Wiki
- Writing My Own Boot Loader - DEV Community 👩💻👨💻
- Good OS Project | MikeOS - simple x86 assembly language operating system
- MIT xv6 OS Class | 6.1810 / Fall 2022
- x89k - OS Dev for Dummies
- GitHub - lduck11007/os-tutorial: How to create an OS from scratch
- os01 | Bootstrap yourself to write an OS from scratch. A book for self-learner.
- The little book about OS development
- Intro OS Resources
- PRIMER - Unix and Internet Fundamentals
- MikeOS - simple x86 assembly language operating system
- The Art of Unix Programming
- Operating systems development for Dummies – Leo Whitehead – Medium
- Write an OS from scratch. A book for self-learner.
- Malloc tutorial
- raspberry-pi-os: Learning operating system development using Linux kernel and Raspberry Pi
- Paging Implementation
- Booting an Intel Architecture System, Part I: Early Initialization | Dr Dobb's
- Operating Systems: Three Easy Pieces
Distributed Systems and Parallel Computing
CMU - Distributed Systems
- Problem Sets and Solutions
- Guide to Reliable Distributed Systems: Building High-Assurance Applications and Cloud-Hosted Services
- P1-handout.pdf
- P2-handout.pdf
- P3-handout.pdf
- P4-handout.pdf
- ProblemSet1.pdf
- ProblemSet2.pdf
- ProblemSet3.pdf
- ProblemSet4.pdf
- Distributed Systems: Principles and Paradigms
- Course Readings
- 15-440, Fall 2010: Distributed Systems
- CMU - Parallel Computer Architecture and Programming : Parallel Computer Architecture and Programming : 15-418/618 Spring 2015
UMBC Distributed Systems
- IS651 | Distributed Systems
- Distributed Systems Textbook
GT - Distributed Systems
- GT Book 1: Distributed systems for fun and profit
- GT Book 2: Distributed Systems 3rd edition (2017) | DISTRIBUTED-SYSTEMS.NET
- Syllabus - cs_7210_syllabus_and_schedule_2021-1.pdf
- CS 7210: Distributed Computing | OMSCS | Georgia Institute of Technology | Atlanta, GA
- Teaching Rigorous Distributed Systems With Efficient Model Checking
- paxos-simple.pdf
Papers
- abadi-pacelc.pdf
- Read First? : time, clocks, and the ordering of events.pdf
- MapReduce: Simplified Data Processing on Large Clusters – Google Research
Tools
- Hadoop - Google Search
MIT - 6.824 Distributed Systems
- MIT Lectures - Lecture 1: Introduction - YouTube
Videos
- (Really good Lectures?) CSE138 (Distributed Systems) lectures, Spring 2020 - YouTube
- Paxos lecture (Raft user study) - YouTube
- The Paxos Algorithm - YouTube
- Paxos in Pictures: Lamport's Distributed Consensus Algorithm - YouTube
- L9: Paxos Simplified - YouTube
Books
- No Starch Dive into Systems | A gentle introduction to C, Assembly, Computer Systems, Computer Organization, and Parallel computing
- Designing Data-Intensive Applications: The Big Ideas Behind Reliable, Scalable, and Maintainable Systems: Kleppmann, Martin
- Advanced Distributed Systems Book - Introduction to Reliable and Secure Distributed Programming | SpringerLink
- Designing Data-Intensive Applications - O'Reilly Media
Other Courses
- CSE 552: Parallel and Distributed Systems, Spring 2019
- CSE 452/M552: Distributed Systems, Spring 2017
- UMD CMSC 712 Distributed Algorithms and Verification
- MIT - Distributed Systems
- CSEP552: PMP Distributed Systems, Spring 2013
- CAS CS451/651 Distributed Systems Fall 2019
- lintool/bigdata-2018w: CS 451/651 431/631 Data-Intensive Distribute Computing (Winter 2018) at the University of Waterloo
- 6.824 Home Page: Spring 2021
- MIT Distributed Systems
- Distributed Systems Labs - dslabs: Distributed Systems Labs and Framework
- Readings in distributed systems
- Introduction to Distributed System Design - Google Code University - Google Code
- A pattern language for microservices
- NGINX - Register for free books and info
- Waterloo - Programming for Performance
- Introduction to Parallel Computing
- Distributed systems for fun and profit
- My Distributed Systems Seminar's reading list for Spring 2016
- jappavoo/jappavoo.github.com: Jonathan Appavoo Home Page
- Doug Woos / 452-labs · GitLab
- Distributed Systems Reading Group | Aleksey Charapko
- awesome-distributed-systems: A curated list to learn about distributed systems
- Moderately Complex Paxos Made Simple: High-Level Executable Specification of Distributed Algorithms
- Matchmaker Paxos - insight into state of the art and choosing a specific model
- Distributed Systems - Using visual debugger.mov - Google Drive
- BlueJeans- project4 walkthrough
Functional Programming / Programming Language Design
Books
- Programming in Standard ML Book
- Programming Language Pragmatics: Scott, Michael: 9780124104099: Amazon.com: Books
Courses
- NYU Programming Language Course Lectures: edwardzyang - Twitch
- NYU Programming Languages - 2022 syllabus · GitHub
- CS 15-150 CMU Functional Programming Course
- CS 15-150: Principles of Functional Programming (Fall 2015)
- CS 5010: Program Design Paradigms
- CSCI 334: Principles of Programming Languages
- Automata Theory | Stanford Online
- Princeton - COS 326: Functional Programming
- UC Berkeley - CS164: Hack Your Language!
- Cornell - CS 3110 - Functional Programming and DS
- CS 61A Spring 2020
- Repl.it - Oak Programming Language
- Learn C • Build Your Own Lisp
- Intro to Programming Languages
Compilers
Compiler Specific Courses
- Compilers | edX
- UMD - CMSC430: Introduction to Compilers
- Another Stanford - CS143: Compilers
- UIUC - CS 421 Programming Languages and Compilers
- Cornell - CS 4120 - Intro to Compilers
- Compilers and Compiler Generators
- compiler construction - What's the difference between parse trees and abstract syntax trees? - Stack Overflow
- CS 738: Advanced Compiler Optimizations
- UT Austin - Advanced Compiler Techniques
- Eddie Rangel @ CSUB
- CMSC430: Introduction to Compilers
- Compiler design By Ravindrababu - YouTube
- Good Lectures/Slides: Stanford CS143: Compilers
- CS 6120: Advanced Compilers - The Self-Guided Course
Intro to Assembly, Compilers, and Linkers
- Lecture 3 - Introduction to Assembly - Google Slides
- Writing a Function in Assembly: Intel x86 Att Assembly Stack Part 1 - YouTube
- Writing a Function in Assembly: Intel Att Assembly Stack Part 2 - YouTube
- Writing a Function in Assembly: Intel Att Assembly Stack Part 3 - YouTube
- asm64-handout.dvi
- Nicole Orchard
- A ToC of the 20 part linker essay [LWN.net]
- Michael Shah - Computer Science
- valgrind2007.pdf
- Introduction to Compilers and Language Design
- Linking and Loading
- Linkers and Loaders
- All About Linkers
- How the Linker Works - - AVR Libc Reference Manual
- Linkers and Dynamic Linking
Good Compilers Research Papers
- [2109.02775] Lightweight, Multi-Stage, Compiler-Assisted Application Specialization
- Writing a C Compiler | No Starch Press
- Compilers: Principles, Techniques, and Tools --- Second Errata Sheet
- Compilers: Principles, Techniques, and Tools - Wikipedia
- Good Compilers/Programming Language Articles - Tomassetti/Strumenta
- Engineering A Compiler - Google Search
- c++ - How to generate assembly code with clang in Intel syntax? - Stack Overflow
- Cocoa Samurai: Understanding the Objective-C Runtime
- A Guide To Parsing: Algorithms And Terminology
- Difference between LL and LR parsing? - Stack Overflow
- The LEX & YACC Page
- Good Compilers Book: Modern Compiler Implementation, Table of Contents
- SSA-based Compiler Design
- DoctorWkt/acwj: A Compiler Writing Journey
- Undergrad Compilers from the Hive Mind | eschew it all
- Favourite resource for a new compiler author
- Context-Free Grammars
- Compiler Compiler - Part 1: Fixing a bug - YouTube
- codehag - Twitch
- Crafting Interpreters - good reference for learning about parsing
- Static single assignment form - Wikipedia
- Basic block - Wikipedia
- Writing An Interpreter In Go | Thorsten Ball
- Engineering: A Compiler: Cooper, Keith D., Torczon, Linda: 8601410347604: Amazon.com: Books
- Crafting Interpreters
Computer Organization and Architecture
Books
- No Starch Dive into Systems | A gentle introduction to C, Assembly, Computer Systems, Computer Organization, and Parallel computing
Courses
- Georgia Tech - High Performance Computer Architecture - Udacity
- MIT - Comp Org, Arch, and Digital Design
- Cornell - CS 3410 Comp System Organization - Fall 2016
- CMU - Intro To Computer Architecture - Spring 2019
Computer Vision
- jbhuang0604/awesome-computer-vision: A curated list of awesome computer vision resources
- Intro Computer Vision Resources
Computer Networking
- Best Guide to Start | Beej's Guide to Network Programming
- Intro Computer Networks Resources
- Unix Network Programming, Volume 1: The Sockets Networking API (3rd Edition): W. Richard Stevens, Bill Fenner, Andrew M. Rudoff: 0884527655420: Amazon.com: Books
- Linux Howtos: C/C++ -> Sockets Tutorial
- Network Programming for UNIX
- Introduction to Networking | Network Fundamentals Part 1 - YouTube
High Performance Computing
- Agner Fog
- Gamasutra: Niklas Gray's Blog - Data Structures Part 1: Bulk Data
- UMD CMSC714 - High Performance Computing Systems (Fall 2019)
- [CSE 6230] High-Performance Computing: Tools and Applications
- Introduction to High Performance Computing for Scientists and Engineer
Secure Programming & API Testing
- Banned Functions: Security Development Lifecycle (SDL) Banned Function Calls | Microsoft Docs
- Electric Fence - eLinux.org
- GFlags and PageHeap - Windows drivers | Microsoft Docs
- Using the Pointer Ownership Model to Secure Memory Management in C and C++
- Amazon.com: Secure Coding in C and C++ (SEI Series in Software Engineering (Paperback)) (9780321822130): Seacord, Robert C. Seacord: Books
- CMU SEI: Better Software Through Secure Coding Practices
- SEI CERT Coding Standards - CERT Secure Coding - Confluence
- CERT Secure Coding in C and C++ Professional Certificate
- Gadget reduction using zero-call-user-regs - Newsletter
- The FREE Secure Coding Training Course only at Cybrary
- Mayhem for API
Databases
- Database Design All-in-One Tutorial Series (8 HOURS!) - YouTube
- 15-721 Advanced Database Systems (Spring 2019) - YouTube
- Readings in Database Systems (The MIT Press) (9780262693141): Hellerstein, Joseph M., Stonebraker, Michael: Books
- Databases Graduate Certificate | Stanford Online
- Stanford CS 145 Databases Website/Lectures:
- CMU 15-445/645 :: Intro to Database Systems (Fall 2021)
- CMU 15-721 :: Advanced Database Systems (Spring 2020)
- Database Management System (DBMS) - Introduction - YouTube
Cryptography / Cryptanalysis
Books
- Introduction to Modern Cryptography
- Modern Cryptanalysis: Techniques for Advanced Code Breaking: Swenson, Christopher: 9780470135938: Amazon.com: Books
Courses/Lectures
- GT - CS6260 - Applied Cryptography
- Applied Cryptography | Udacity
- CS 6260 web page
- Stanford Cryptography I | Coursera
- Stanford University | Applied Cryptography Group
- Stanford | Online Cryptography Course by Dan Boneh
- Stanford Cryptography II | Coursera
- Stanford CS255 Introduction to Cryptography
- MATH/CMSC 456 --- Cryptography
- Cryptography | Coursera
- Fuck RSA | Trail of Bits Blog
- NOTES: An Introduction to Modern Cryptography
- A Stick Figure Guide to the Advanced Encryption Standard (AES)
- Fermat Attack on RSA
- Welcome - Practical Cryptography for Developers
- ECDH Key Exchange - Practical Cryptography for Developers
Video Game Development
Good Blog Posts To Read
Courses
Books
Code Samples
- isadorasophia/murder: Murder is a pixel art ECS game engine.
Competitive Programming
- Guide to Competitive Programming | SpringerLink
- Free Competitive Programming Books
Math Stuff
Statistics
- These Are the Best Books for Learning Modern Statistics—and They’re All Free
- Suggested Course: Intro to Statistics | Udacity
- Georgia Tech | ISYE6420 - Bayesian Statistics
- GT | ISyE6420 - Bayesian Statistics
- GitHub - wzchen/probability_cheatsheet: A comprehensive 10-page probability cheatsheet that covers a semester's worth of introduction to probability.
Discrete Math
- How to Prove It: A Structured Approach, 2nd Edition: Daniel J. Velleman: 9780521675994: Amazon.com: Books
- Book of Proof
- Interactive Discrete Mathematics Book
- Discrete Mathematics with Applications: Epp, Susanna S.: 9781337694193: Amazon.com: Books
- Zybook - Discrete Math (with discount)
- Logic gates as Venn diagrams – Jeff Thompson
Linear Algebra
- Good book for Linear Algebra | Linear Algebra and Its Applications, 4th Edition: Gilbert Strang: 9780030105678: Amazon.com: Books
- Good Videos for Linear Algebra | Essence of linear algebra - YouTube
- Good Lectures for Linear Algebra | Linear Algebra | Mathematics | MIT OpenCourseWare
- Interactive Linear Algebra Textbook
- Another Good Linear Algebra Book
- Linear Algebra Refresher Course
- asu linear algebra - Google Search
- Linear Algebra - Foundations to Frontiers | edX
- Advanced Linear Algebra: Foundations to Frontiers | edX
- Linear Algebra I: Linear Equations | edX
- Linear Algebra II: Matrix Algebra | edX
- Linear Algebra III: Determinants and Eigenvalues | edX
- Linear Algebra IV: Orthogonality & Symmetric Matrices and the SVD | edX
- 3Blue1Brown - Teaches Hard Concepts Well!
- Dana C. Ernst
- Explained Visually
- Logarithms explained.
- Introduction to Mathematical Thinking | Coursera
- /r/csMajors
- /r/programming
- /r/learnprogramming
- Making a contribution to an Open Source project on GitHub and whoa! : learnprogramming
- Communications of the ACM
- Category:Solutions by Programming Task - Rosetta Code
- 97-things-every-programmer-should-know/SUMMARY.md at master · 97-things/97-things-every-programmer-should-know · GitHub
SW Reverse Engineering/Malware Analysis
Malware RE/Analysis
Courses for Malware Analysis
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
Course Notes
Tournament
binaries
1e2ef1
- AnyRun Text Report | 1e2ef1ed9e99ebf1b41d77c9544724be3682bcbd8042e034999ae537db662415 | ANY.RUN - Free Malware Sandbox Online
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'Online-Guardian-fixeddns.exe'
- Maltiverse | 7b8cc181c2eb9477faa4fb93c4ddf414 - Sample analysis - Maltiverse
- VirusTotal - File - 1e2ef1ed9e99ebf1b41d77c9544724be3682bcbd8042e034999ae537db662415
- 7b8cc181c2eb9477faa4fb93c4ddf414 - Google Search
- Online-Guardian.exe - Google Search
52025c
- AnyRun | 52025c.exe (MD5: D138CBDC2AE133C81752E4C1E4E8561E) - Interactive analysis - ANY.RUN
- Hatching Triage | Malware sandboxing report by Hatching Triage
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for '52025c.exe'
- Anyrun Text Report - 52025c86ec0b35f42f22742b92c4bbca97bef3f3f7593b488af738e16673048d | ANY.RUN - Free Malware Sandbox Online
- VirusTotal - File - 52025c86ec0b35f42f22742b92c4bbca97bef3f3f7593b488af738e16673048d
abtc
- Hatching Triage | Malware sandboxing report by Hatching Triage
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'abtc.exe'
- 8ac226bd60ba9e7bdce4302653378062 - Google Search
- VirusTotal - File - 7ead995fee4391f2eec00f47ffae7f4872b6368f9115d0101ba6dea818338183
- AnyRun Text Report | 7ead995fee4391f2eec00f47ffae7f4872b6368f9115d0101ba6dea818338183 | ANY.RUN - Free Malware Sandbox Online
- AnyRun | abtc.exe (MD5: 8AC226BD60BA9E7BDCE4302653378062) - Interactive analysis - ANY.RUN
bb1f18
- VirusTotal - File - bb1f1816fb5064dcd339ef4ce1018b01324d79a850bf0775a43c1fe2c3ea1816
- AnyRun | bb1f18.exe (MD5: 449D5F628CD5CE61DB9B3ACA95476A58) - Interactive analysis - ANY.RUN
- AnyRun Text Report | bb1f1816fb5064dcd339ef4ce1018b01324d79a850bf0775a43c1fe2c3ea1816 | ANY.RUN - Free Malware Sandbox Online
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'WigetFL.exe'
- Any Run 2 | 18.exe (MD5: 449D5F628CD5CE61DB9B3ACA95476A58) - Interactive analysis - ANY.RUN
- Any Run Text 2 | bb1f1816fb5064dcd339ef4ce1018b01324d79a850bf0775a43c1fe2c3ea1816 | ANY.RUN - Free Malware Sandbox Online
c48e99
- Manalyzer :: c51c8c10de4c77a526304217950cf4db
- 2019c2921dd1ef2202b2f96adfc71234acbfe79e - Google Search
- c51c8c10de4c77a526304217950cf4db - Google Search
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'maky.scr.exe'
- Any Run Text | c48e99b1c94cfe64c6af44d50850f0c8c7a04c2bb32ea15cc09be4a2ab641fa7 | ANY.RUN - Free Malware Sandbox Online
- Any Run Full Analysis
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'c48e99.exe'
- VirusTotal - File - c48e99b1c94cfe64c6af44d50850f0c8c7a04c2bb32ea15cc09be4a2ab641fa7
- JoeSandbox Report
- NanoCore RAT Analysis, Trojan Overview by ANY.RUN
c75
- 7cacd0b11497bcdd2db0ee3ae9580bdd - Google Search
- 4b5de3d5e80b27be9b62c12c2710e844c4bf01d2 - Google Search
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for '123.exe'
- AnyRun Analysis | 123.ex_ (MD5: 7CACD0B11497BCDD2DB0EE3AE9580BDD) - Interactive analysis - ANY.RUN
- AnyRun Text | bb1730b09c6c47304cf71a902d006b80dcf6ca8fbc179856393073faafd68d55 | ANY.RUN - Free Malware Sandbox Online
- VirusTotal - File - bb1730b09c6c47304cf71a902d006b80dcf6ca8fbc179856393073faafd68d55
challenge63
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'challenge63.exe'
- AnyRun Text Report | 98ab99efa9cc35e89d3a43ec1976c52d2ac91055c3ac787f2497b7e733c63648 | ANY.RUN - Free Malware Sandbox Online
- Any Run Full Analysis
- VirusTotal - File - 98ab99efa9cc35e89d3a43ec1976c52d2ac91055c3ac787f2497b7e733c63648
challenge66
- 7b8cc181c2eb9477faa4fb93c4ddf414 - Google Search
- VirusTotal - File - 9451a7c4f32eb94a89a021009de3cba933502d7baebfbd8ce7023a98fecd8ba6
- 6240e526445aaf472d65ae244e319d22 - Google Search
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'challenge66.exe'
- AnyRun Text | 9451a7c4f32eb94a89a021009de3cba933502d7baebfbd8ce7023a98fecd8ba6 | ANY.RUN - Free Malware Sandbox Online
- AnyRun Analysis | challenge66.exe (MD5: 6240E526445AAF472D65AE244E319D22) - Interactive analysis - ANY.RUN
- 9451a7c4f32eb94a89a021009de3cba933502d7baebfbd8ce7023a98fecd8ba6 - Google Search
gy
- VirusTotal - File - 46ba01db329ca45b2ab718889c129aad195f1ddccc6603bc1d02e4c7e07bf6fa
- Any Run Text | 46ba01db329ca45b2ab718889c129aad195f1ddccc6603bc1d02e4c7e07bf6fa | ANY.RUN - Free Malware Sandbox Online
- Any Run Analysis | gy.exe (MD5: DDA5C87F766233E9D28EC1F4856815C1) - Interactive analysis - ANY.RUN
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'gy.exe'
- Automated Malware Analysis Report for gy.exe - Generated by Joe Sandbox
- d5c3fb20f28fdb0942cc82d0a72ee36fadd4721c - Google Search
- dda5c87f766233e9d28ec1f4856815c1 - Google Search
mean
- VirusTotal - File - be14ed801453c78d6c80992705cfe0e7eb03f808d2b28704ffa2925cdc46fdc9
- bda90165f64b2b335c8b20190bd0deca258cb33c - Google Search
- f36cbb006407e0728b87bbef36be08e4 - Google Search
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'mean.dll'
- valak dll - Google Search
- Evolution of Valak, from Its Beginnings to Mass Distribution
- Valak Malware and the Connection to Gozi Loader ConfCrew - SentinelLabs
- Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Threat Spotlight: Valak Slithers Its Way Into Manufacturing and Transportation Networks
message
- AnyRun Report | message.exe (MD5: 2C7C36FE5EF0ACD72A97C5F92D7F47C5) - Interactive analysis - ANY.RUN
- Any Run Text | fd0b399a0264ae441f66663ccd87530814b34190778c4b9d876cf2f477a800ea | ANY.RUN - Free Malware Sandbox Online
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'message.scr'
- VirusTotal - File - 7c81d71a625f0ec3db8886294eae0a97a3673cad32f58896454da7f7854dd146
- MyDoom: The 15-year-old malware that's still being used in phishing attacks in 2019 | ZDNet
- 2c7c36fe5ef0acd72a97c5f92d7f47c5 - Google Search
- Worm:W32/Mydoom Description | F-Secure Labs
- Mydoom
openme
- dbee71535e9f1fb23b3f01e25989d22d51237e68 - Google Search
- e3b3e285390c0e2f7d04bd040bec790d - Google Search
- AnyRun | openme.exe (MD5: E3B3E285390C0E2F7D04BD040BEC790D) - Interactive analysis - ANY.RUN
- Any Run Report | 21a0201874af80436dc0a36e5cbaf7da9b75217b3e39b712f3850729cf47deb6 | ANY.RUN - Free Malware Sandbox Online
- Any Run Report 2 | 21a0201874af80436dc0a36e5cbaf7da9b75217b3e39b712f3850729cf47deb6 | ANY.RUN - Free Malware Sandbox Online
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for '11.exe'
- Any Run 2 | 21a0201874af80436dc0a36e5cbaf7da9b75217b3e39b712f3850729cf47deb6 | ANY.RUN - Free Malware Sandbox Online
- Any Run 2 | openme.exe (MD5: E3B3E285390C0E2F7D04BD040BEC790D) - Interactive analysis - ANY.RUN
- Automated Malware Analysis Report for openme.exe - Generated by Joe Sandbox
rk-dropper
- 1196afa54d18ff2ddf0be7a77616657dbd286147f6705d16357239b2dd941ea0 - Google Search
- 01b5672fd4fe463b72eada09837924cb578bfd3a - Google Search
- 97492c2392ea7404930e5499c3dcc607 - Google Search
- VirusTotal - File - 1196afa54d18ff2ddf0be7a77616657dbd286147f6705d16357239b2dd941ea0
- rk-dropper.exe (MD5: 97492C2392EA7404930E5499C3DCC607) - Interactive analysis - ANY.RUN
- 1196afa54d18ff2ddf0be7a77616657dbd286147f6705d16357239b2dd941ea0 | ANY.RUN - Free Malware Sandbox Online
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'download-rootkhp-software-for-get-root-rights--rootkhp.exe'
- Free Automated Malware Analysis Service - powered by Falcon Sandbox
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'the-wild-eight-early-access-2017-pc.zip'
trojan_4982
- 2b6f4fb770a17ff7dc764851fd004982 - Google Search
- 2a4d5365e6adb6a50c9f4b225d3d5abc549b7c9c - Google Search
- 38b1bbc48c35a5decd8eaf475a5b32f742c28c5d0b5f9c85c1a667fbf2cbdb73 - Google Search
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for '2B6F4FB770A17FF7DC764851FD004982.exe'
- trojan_4982.exe (MD5: 2B6F4FB770A17FF7DC764851FD004982) - Interactive analysis - ANY.RUN
- 38b1bbc48c35a5decd8eaf475a5b32f742c28c5d0b5f9c85c1a667fbf2cbdb73 | ANY.RUN - Free Malware Sandbox Online
- VirusTotal - File - 38b1bbc48c35a5decd8eaf475a5b32f742c28c5d0b5f9c85c1a667fbf2cbdb73
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'trojan_4982.exe'
winhost
- razy malware - Google Search
- VirusTotal - File - 35a32f3cfc0f243dcb755d39d8725bd311cfaec374813981c73d9311b4ba1c57
- Razy Malware Attacks Browser Extensions to Steal Cryptocurrency | Threatpost
- How Razy Trojan steals cryptocurrency | Kaspersky official blog
- Razy Ransomware [Updated] - Decryption, removal, and lost files recovery (updated)
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'winhost.exe'
winservices
- VirusTotal - File - ed96096ac258b000b243394cdd390bf8bdcc5c4d5e22610e6837902051bdc3a1
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'winservices.exe'
- Automated Malware Analysis Report for svchost.exe - Generated by Joe Sandbox
- winservices.exe (MD5: 3E9161C04F171DB253B980D547692732) - Interactive analysis - ANY.RUN
- ed96096ac258b000b243394cdd390bf8bdcc5c4d5e22610e6837902051bdc3a1 | ANY.RUN - Free Malware Sandbox Online
- 3e9161c04f171db253b980d547692732 - Google Search
xd
- VirusTotal - File - 873df098203c98f2364321fa1295a8cb3542af83727b9dc335829f5ba0dc1c97
- 5765acc80262f3a96bba079178fa13ea - Google Search
- a52f2a8e86d712d477f25e9a41be9f150bd612a1 - Google Search
- xd.exe (MD5: 5765ACC80262F3A96BBA079178FA13EA) - Interactive analysis - ANY.RUN
- Any Run Text | 873df098203c98f2364321fa1295a8cb3542af83727b9dc335829f5ba0dc1c97 | ANY.RUN - Free Malware Sandbox Online
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'xd.exe'
officeDocs
attendees
- b556307e1e6462a9aea5dc1f76667d10 - Google Search
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'attendees.xlsm'
- e3525ffd85d51a0a502012492ed1ef54d22eec88 - Google Search
claim
- VirusTotal - File - 7152b279e52e2c6fc0f1cfdafcdccfb45285805de1600d47b28cddac9a1c2bb1
- 3e8e9932f281a27ce1646f0fe6e79ed2 - Google Search
- 7152b279e52e2c6fc0f1cfdafcdccfb45285805de1600d47b28cddac9a1c2bb1 | ANY.RUN - Free Malware Sandbox Online
- InQuest Labs - DFI - InQuest.net
edit1-invoice
- VirusTotal - File - 1a819d18c9a9de4f81829c4cd55a17f767443c22f9b30ca953866827e5d96fb0
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'MS Licensing Nov21.pptm'
MS-licensing-2016_12
- 16eacaeb506a74cb3fcef8578c6c256b263ac6e3fdcf481f73d52ad39eccb698 | ANY.RUN - Free Malware Sandbox Online
- VirusTotal - File - 16eacaeb506a74cb3fcef8578c6c256b263ac6e3fdcf481f73d52ad39eccb698
payscale
- 9d218e916106dc3aad2a400a73f1592ee755628c1e172ffac0ea28c708592c5a (MD5: 4E8BB95BD598EDF78F42F52DFCBE0D53) - Interactive analysis - ANY.RUN
- VirusTotal - File - 9d218e916106dc3aad2a400a73f1592ee755628c1e172ffac0ea28c708592c5a
- 9d218e91...2c5a | VMRay Analyzer Report
- 9d218e91...2c5a | IOCs
pdf
20643
- VirusTotal - File - 3f40903dcfca20aa200a9cfb80ea313a2e80853e70316ecac3c659b9b943ba84
ouchpdf
- ouch.pdf (MD5: 46AAB7DF8880FB43CE1520D0D54377FA) - Interactive analysis - ANY.RUN
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'ouch.pdf'
scripts
3048
- Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for '3048.ps1'
- VirusTotal - File - 14a42d6418b38103a7fdccc5b1d37e4fb0efcad2f847c9996465c5fdc78632c2
- VirusTotal - File - d229545149d95f3daac8c4d88a0e18b8981db0cb0a6c966a3bff73197611c2eb
Javascript-malicious3
- Automated Malware Analysis Report for http://mdbaker.org/rc/include/smarty/uzbly/2.js - Generated by Joe Sandbox
- VirusTotal - File - d229545149d95f3daac8c4d88a0e18b8981db0cb0a6c966a3bff73197611c2eb
- Automated Malware Analysis - Joe Sandbox Cloud Basic
- MalwareJake: Beating up on poor antivirus...
Test Taking Tips
- Tips, Tricks, and Traps When Prepping for a GIAC Certification Exam – Br0nw3n's World
- Wargaming GIAC Certifications – Open Security, Inc.
- First Time GIAC: Studying for the GCFE - AboutDFIR - The Definitive Compendium Project
Lab Tools
Static Properties
- PEStudio - Winitor
- Better Strings - mandiant/flare-floss: FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
- guelfoweb/peframe: PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
- Detect-It-Easy: Program for determining types of files for Windows, Linux and MacOS.
Code Analysis
- Plugins · x64dbg/x64dbg Wiki
- x64dbg
- google/gvisor: Application Kernel for Containers
- Sandboxing containers with gVisor - CinCan
Behavioral Analysis
- Process Hacker | multi-purpose tool that helps you monitor system resources, debug software and detect malware
- Process Monitor - Advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity | Windows Sysinternals
- Seabreg/Regshot: Regshot is a small, free and open-source registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product
- Wireshark
- FakeDns: A regular-expression based python MITM DNS server with support for DNS Rebinding attacks
Lab Setup
- networking - Ping to Windows 10 not working if "file and printer sharing" is turned off? - Super User
Malware Report Terminology
- MBCProject/mbc-markdown: MBC content in markdown
- Malware Capabilities · MAECProject/schemas Wiki
Malware Information and Automated Analysis
Antivirus Scanner
- VirusTotal - Home
- MetaDefender Cloud | Advanced threat prevention and detection
- VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 47 AntiVirus Engines!
- AVCaesar - Google Search
File Reputation
- malware hash registry - Google Search
- Winbindex - Google Search
- Legitimate Windows Binaries Index with hashes; good for patch diffing too | Winbindex - The Windows Binaries Index
Sandboxes
- ANY.RUN - Interactive Online Malware Sandbox
- https://capesandbox.com/
- ctxis/CAPE: Malware Configuration And Payload Extraction
- What is CAPE? — CAPE Sandbox v2.1 Book
- Intezer Analyze – All-In-One Malware Analysis Platform
- Free Automated Malware Analysis Service - powered by Falcon Sandbox
- Free Automated Malware Analysis Sandboxes and Services
Website Investigation
- Free Blocklists of Suspected Malicious IPs and URLs
- Free Online Tools for Looking up Potentially Malicious Websites
- https://quttera.com
Data Repositories
- blacktop/totalhash-api: #totalhash - Malware Analysis Database API
- Malware Hash Registry - Team Cymru
x86 Instruction References
- X86 Opcode and Instruction Reference
- Intel x86 JUMP quick reference
- x64 fastcall in debugger | Arguments Window Incorrect on x64bit Dbg · Issue #1408 · x64dbg/x64dbg
Malicious Documents
- Analysis of PDFs Created with OpenOffice/LibreOffice
- PDF Tools | Didier Stevens
- SSL/TLS: What's Under the Hood | SANS Institute
- 34297.pdf
- Thug | Python low-interaction honeyclient
- Big5-sec/pcode2code: a vba pcode decompiler based on pcodedmp
- Evidence of VBA Purging Found in Malicious Documents – NVISO Labs
- Purgalicious VBA: Macro Obfuscation With VBA Purging | Mandiant
- Translate | Didier Stevens
- Using RTF Files as a Delivery Vector for Malware - Cofense
- Download: Word 2007: Rich Text Format (RTF) Specification, version 1.9.1 - Microsoft Download Center - Download Details
- Enables AMSI logging to the AMSI/Operational event log
- Dropbox - SANS Tech Tuesday - Simplify your life
- SANS FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques Short Link Library
- Antimalware Scan Interface (AMSI) - Win32 apps | Microsoft Docs
Shellcode
- scdbg - Displays Windows API Calls Shellcode Makes
- Yara-Rules/rules: Repository of yara rules
- VirusTotal/yara: The pattern matching swiss knife
- dzzie/SCDBG: note: current build is VS_LIBEMU project. This cross platform gcc build is for Linux users but is no longer updated. modification of the libemu sctest project to add basic debugger capabilities and more output useful for manual RE. The newer version will run under WINE
- dzzie/scdbg_unicorn: test build of scdbg running under unicorn
Deobfuscating JavaScript
- insertBefore Method
- appendChild vs insertBefore | High Performance Web Sites
- CapacitorSet/box-js: A tool for studying JavaScript malware.
Packed Malware
- CERT.at - Show
- Unpacker | Ether: Malware Analysis via Hardware Virtualization Extensions
- Unpacker Scripts for x64dbg | Scripts: A collection of x64dbg scripts. Feel free to submit a pull request to add your script.
- UnpacMe
- Windows 8 ASLR Internals | Positive Technologies - learn and secure : Windows 8 ASLR Internals
- Why you should avoid manual ‘server hardening’ | Microsoft Docs
- NtQuery/Scylla: Imports Reconstructor
- CFF Explorer - PE editing & Structure Analysis| Explorer Suite – NTCore
- setdllcharacteristics | DidierStevensSuite: Please no pull requests for this repository. Thanks!
- OllyDumpEx Plugin
- Signed Binary Proxy Execution: Mshta, Sub-technique T1218.005 - Enterprise | MITRE ATT&CK®
- Untangling Kovter's persistence methods | Malwarebytes Labs
Code Injection and API Hooking
- Memory Protection Constants (WinNT.h) - Win32 apps | Microsoft Docs
- OpenProcess function (processthreadsapi.h) - Win32 apps | Microsoft Docs
- CreateRemoteThread function (processthreadsapi.h) - Win32 apps | Microsoft Docs
- Native API - Wikipedia
- c++ - how can i verify that CreateToolhelp32Snapshot() is using NtQuerySystemInformation? - Stack Overflow
Debugger Detection and Data Protection
- IsDebuggerPresent API | 🔐Blog of Osanda
- x86 Disassembly/Debugger Detectors - Wikibooks, open books for an open world
- Endpoint Protection - Symantec Enterprise
- Anti-Debugging Series - Part II | Veracode
- Anti-Debug: Debug Flags
- DOES NOT WORK ANYMORE : OutputDebugStringW function (debugapi.h) - Win32 apps | Microsoft Docs
- GetTickCount function (sysinfoapi.h) - Win32 apps | Microsoft Docs
- distro/brxor.py at master · REMnux/distro
- decalage2/balbuzard: Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.
- 0x6d696368/ghidra_scripts: Ghidra scripts such as a RC4 decrypter, Yara search, stack string decoder, etc.
- BitsOfBinary/ghidra-scripts: My collection of scripts for Ghidra (https://github.com/NationalSecurityAgency/ghidra)
- distro/strdeob.pl at master · REMnux/distro
- RtlDecompressBuffer function (ntifs.h) - Windows drivers | Microsoft Docs
- Stackstrings, type 2
- Satana Malware Analysis | 🔐Blog of Osanda
- Unpacking Satana Ransomware - Security Blog - Arnaud Delmas
- Satana ransomware - threat coming soon? | Malwarebytes Labs
- process-hollowing.pdf
- GetProcAddress function (libloaderapi.h) - Win32 apps | Microsoft Docs
- Process Creation Flags (WinBase.h) - Win32 apps | Microsoft Docs
Detecting The Analysis Toolkit
- Volatility Labs: What do Upclicker, Poison Ivy, Cuckoo, and Volatility Have in Common?
- Don’t Click the Left Mouse Button: Introducing Trojan UpClicker | FireEye Inc
- BlockInput function (winuser.h) - Win32 apps | Microsoft Docs
- Sandboxie (Read Only) - Sophos Community
- Download the Windows Driver Kit (WDK) - Windows drivers | Microsoft Docs
- Avast | Download Free Antivirus & VPN | 100% Free & Easy
- sandsprite.com/iDef/SysAnalyzer/
- WPE Pro 0.9a Free Download
- Malware Analysis Sandbox & Security Solutions - VIPRE ThreatAnalyzer
- The A.R.F Project© » Detecting KDs with a single instruction
Handling Misdirection Techniques
- Segmentation - OSDev Wiki
- assembly - What is the "FS"/"GS" register intended for? - Stack Overflow
Unpacking By Anticipating Actions
- libpeconv/pe_unmapper at master · hasherezade/libpeconv
- PE_unmapper demo: unpacking TrickBot and FlokiBot - YouTube
- Introducing TrickBot, Dyreza's successor | Malwarebytes Labs
- If at first you don't succeed, try something else w/ Jim Clausing - SANS DFIR Summit 2020 - YouTube
- Intro to Shellcode Analysis: Tools and Techniques - YouTube
- Shellcode Analysis 101 | SANS@MIC Talk - YouTube
GREM
- GREM: Grey Box Testing: How I Passed the GIAC GREM Exam Without Taking the Course
- GIAC Reverse Engineering Malware (GREM) Review - Everything S3curity
- Introduction to Malware Analysis – Free Recorded Webcast
- Need for Speed: Malware Edition - SANS DFIR SUMMIT - YouTube
- Malware Analysis Essentials Using REMnux w/ Lenny Zeltser - SANS Institute
- SANS Digital Forensics and Incident Response Blog | Jake Williams' Tips on Malware Analysis and Reverse-Engineering | SANS Institute
- DFPS_FOR610_v1.6_4-19.indd
TCM-Practical Malware Analysis and Triage
- HuskyHacks/PMAT-labs: Labs for Practical Malware Analysis & Triage
Malware Unicorn
- Reverse Engineering 101
- Reverse Engineering 102
RPISec
- RPISEC - Malware Analysis 2013
- RPISEC - Malware Analysis 2015
- RPISEC INTROSEC
Open Security Training (OST)
- Open Security Training - Reverse Engineering Malware
- HEXORCISM - Reverse Engineering Malware Training
- Zero2Automated : Malware Training
- Malware Analysis CTF
- Kaspersky | Online Cyber Security Training
- Kaspersky | Courses > Targeted Malware Reverse Engineering
- reversing-class: LEARN GHIDRA
- CNIT 126: Practical Malware Analysis -- Sam Bowne
- Intro to RE/Malware Analysis
- How to start RE/malware analysis? | hasherezade's 1001 nights
- Intro to Malware Analysis
- MalwareDynamicAnalysis
- UMBC CMSC 491/691 Malware Analysis
- Condensed Crash Course on Malware Analysis Notes
- The Beginner Malware Analysis Course + VirusBay Access
- CS6038/CS5138 Malware Analysis, UC by ckane
- hasherezade/malware_training_vol1: Materials for Windows Malware Analysis training (volume 1)
- Ringzer0 - Advanced Malware Analysis and Reverse Engineering
- Malware Unicorn on Twitter: "I've been teaching my intern some RE stuff. As a result, I'm working on turning it into workshop content. Here is a preview. https://t.co/BS6x0RGp2g" / Twitter
- Malware Reverse Engineering for Beginners - Part 1: From 0x0 - Intezer
- Some Assembly Required - YouTube
- Immersive Labs
- Advanced Malware Analysis: Redux | Cybrary
- Open Security Training | LifeOfBinaries
- OpenSecurityTraining2
- Free and Affordable Malware Analysis & Reverse Engineering Training
Tools for Malware Analysis
DON'T FORGET TO CHECK TOOLS IN SW REVERSE ENGINEERING FOLDER
VM's/Sandboxes for Malware Analysis
Sandboxes
- Automated Malware Analysis - Joe Sandbox Cloud Basic
- Customize Windows Sandbox
- HynekPetrak/malware-jail: Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js
- Interactive Online Malware Analysis Sandbox - ANY.RUN
- Cuckoo Sandbox - Automated Malware Analysis
- phoenix: Cuckoo Sandbox is an automated dynamic malware analysis system
- Dragonfly: your next generation malware sandbox | Certego
FlareVM (Windows)
- GitHub - mandiant/flare-vm
REMnux (Linux)
- REMnux: A free Linux Toolkit for Reverse-Engineering and Analyzing Malware
- How to Set A Custom Screen Resolution in Ubuntu Desktop | UbuntuHandbook
- command line - How to set custom resolution using xrandr when the resolution is not available in 'Display Settings' - Unix & Linux Stack Exchange
- Error when running pip install: python setup.py egg_info" failed with error code 1 · Issue #370 · palantir/python-language-server · GitHub
- Python Release Python 3.8.2 | Python.org
- "ssl module in Python is not available" when installing package with pip3 - Stack Overflow
- :8: Error in sourced command file: · Issue #138 · longld/peda · GitHub
- SSL Error fix for pip3
- fix for gdb gef not recognizing 'from'
Apple (MacOS)
- How to Install macOS High Sierra 10.13.6 on VirtualBox on Windows - Techsviewer
- CAPEv2: Malware Configuration And Payload Extraction
- Malware Unicorn Environment VM's
- SIFT Workstation Download
- Creating a Simple Free Malware Analysis Environment - MalwareTech
- Creating the Ultimate Tor Virtual Network - MalwareTech
- Windows 10 Enterprise | Microsoft Evaluation Center
- How to really disable Windows Defender on Win11 · Issue #393 · mandiant/flare-vm
- Windows 7 Professional SP1 (32 bit and 64 bit ISOs) : Microsoft Corporation : Free Download, Borrow, and Streaming : Internet Archive
- Security Onion: quick malware analysis
Scripts
- Ghidra script to handle stack strings – Max Kersten
- Zero2Auto - Malware_Scripts/qakbot at master · sysopfb/Malware_Scripts · GitHub
- Process Explorer log walk | PSBits/GetSysmonTree.ps1 at master · gtworek/PSBits · GitHub
- Lots of modules embedded with pe headers stripped analysis | FlareQScripts/SteamTrain at main · MandiantLabs/FlareQScripts
- tools/disable-defender.ps1 at master · jeremybeaume/tools
File/PE Dumping from Memory & Import Reconstruction
- import reconstructor - Google Search
- Import REConstructor 1.7e FINAL / IAT / PE Rebuilding / Downloads - Tuts 4 You
- CHimpREC - aldeid
- CHimpREC: The Cheap Imports Reconstructor 1.0.0.1 / IAT / PE Rebuilding / Downloads - Tuts 4 You
- hasherezade/hollows_hunter: Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
- Extracting Malware from Memory with Hollows_Hunter – SecurityLiterate.com
- ProcDump - Windows Sysinternals | Microsoft Docs
PE File Things
- PE Tools
- PEview
- PE Tree: Free open source tool for reverse-engineering PE files - Help Net Security
- pev: The Portable Executables (PE) file analysis toolkit • Penetration Testing
- blackberry/pe_tree: Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.
- struppigel/PortEx: Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
- Resource Hacker
- Dependency Walker (depends.exe) Home Page
Capa And Capability Detection Stuff
- capa/capa/ida/plugin at master · mandiant/capa
- capa: Automatically Identify Malware Capabilities | Mandiant
- capa v4: casting a wider .NET | Mandiant
- GitHub - mandiant/capa: The FLARE team's open-source tool to identify capabilities in executable files.
Networking & Custom C2 Stuff
Fakenet & Other Network Tools
- Fix FakeNet Expired Cert | Support for SNI and dynamic certificate by htnhan · Pull Request #98 · mandiant/flare-fakenet-ng
- Fakenet Win 10 FLARE VM | Stop Port 80 from listening | Port 80 is being used by SYSTEM (PID 4), what is that? - Stack Overflow
- GitHub - mandiant/flare-fakenet-ng: [Suspended] FakeNet-NG - Next Generation Dynamic Network Analysis Tool
- Release FakeNet-NG 3.0-alpha · mandiant/flare-fakenet-ng
- Arkime | Open Source Packet Capture and Search Tool
- TCP/IP packets - 3 Manually create and send raw TCP/IP packets - inc0x0
- flare-fakenet-ng/CustomResponse.md at master · mandiant/flare-fakenet-ng
- Reverse engineering tricks: identifying opaque network protocols | SkullSecurity Blog
- Malware Tool for SSL/TLS Decrypting | polar proxy
- WinHttpReadData function (winhttp.h) - Win32 apps | Microsoft Docs
- winhttp.h | WINHTTP_FLAG_SECURE
- c - What is SOL_SOCKET used for? - Stack Overflow
- Hex to IP Converter - Convert Hexadecimal to IP - Online - Browserling Web Developer Tools
- IP to Hex Converter - Convert IP to Hexadecimal - Online - Browserling Web Developer Tools
- Installing a Fake Internet with INetSim and PolarProxy
- Malware C2 API Handling HTTP Server | http.server — HTTP servers — Python 3.10.8 documentation
- Custom HTTP Server for handling Malware HTTP Comms with API | Simple Python 3 HTTP server for logging all GET and POST requests · GitHub
Packers/Unpackers/Protectors
VMProtect/Virtualization
- Obfuscator-Collections/VMProtect: VMProtect source code leak (incomplete, some important files are still missing, but you can still see it as a reference on how to virtualize the code)
- VMProtect 3 Unpacker | wallds/NoVmpy
- How To Unpack VMProtect 3 (x64) Night Sky Ransomware With VMPDump [Patreon Unlocked] - YouTube
- GitHub - 0xnobody/vmpdump: A dynamic VMP dumper and import fixer, powered by VTIL.
- Devirtualization Stuff - VTIL Project
- mike1k/VMPImportFixer: Fix VMProtect Import Protection
- A Tale of Static Devirtualization Vol. I: The Lift | nobody
- VMProtect Workflow for resolving obfuscated import stubs | Debugging with IDA: Emulating code from crash dumps - defeating VMP's obfuscated imports - YouTube
- VMProtect3 | horizon-backscatter3/vmprotect3.py at staging · MandiantTI/horizon-backscatter3
- Titan | a VMProtect devirtualizer
- GitHub - can1357/NoVmp: A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
UPX
- Unpacking UPX - Using OllyDump - Unpacking, reversing, patching - Infosec Resources
- UPX packed headaches - Akamai Security Intelligence and Threat Research Blog
- GitHub - hasherezade/mal_unpack: Dynamic unpacker based on PE-sieve
- Unpacking Malware With Hardware Breakpoints - Cobalt Strike
Strings Stuff
- mandiant/stringsifter: A machine learning tool that ranks strings based on their relevance for malware analysis.
Emulation
- mrexodia/dumpulator: An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
- lief-project/LIEF: LIEF - Library to Instrument Executable Formats
- malware analysis viper - Google Search
Automation/Dynamic Binary Instrumentation
- stoQ - Automation. Simplified.
- Malware Detection Automation framework | PUNCH-Cyber/stoq: An open source framework for enterprise level automated analysis.
- Frida Handbook
- Building on Ghidra: Tools for Automating Reverse Engineering and Malware Analysis
YARA & SNORT
- Writing YARA rules — yara 4.2.0 documentation
- YARA Rules Guide: Learning this Malware Research Tool
- Scan suspicious files such as malware samples or process dumps against a large repository of YARA rules. | YARAify
- Writing YARA rules — yara 3.4.0 documentation
- YARA - The pattern matching swiss knife for malware researchers
- PE module — yara 3.7.0 documentation
- Neo23x0/yarGen: yarGen is a generator for YARA rules
- Goodware Strings | yarGen/strings.xml at master · Neo23x0/yarGen
- YARA-Performance-Guidelines: A guide on how to write fast and memory friendly YARA rules
- Florian Roth Yara Rules
- SANS Webcast - YARA - Effectively using and generating rules - YouTube
- InQuest/awesome-yara: A curated list of awesome YARA rules, tools, and people.
- GitHub - VirusTotal/yara-python: The Python interface for YARA
Honeypot
- GitHub - lorentzenman/sheepl: Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments
- GitHub - cmu-sei/GHOSTS: GHOSTS is a user simulation framework for complex, realistic NPC orchestration
API Tracing
- hasherezade/tiny_tracer: A Pin Tool for tracing API calls etc
Sysmon Log Visualization & Search
- Visualise Sysmon Logs and Detect Suspicious Device Behaviour -SysmonSearch- - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
- SysmonSearch v2.0 Released - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
Sigma
- sigma/file_rename_win_ransomware.yml at master · SigmaHQ/sigma · GitHub
- Sigma - SIEM Detection Format | The shareable detection format for security professionals.
Linux Specific Tools
- Linux kernel tainted detection
- Sysinternals/SysmonForLinux
- Linux Sysinternals
- Eric Zimmerman's tools
- Successor to Process Hacker | winsiderss/systeminformer: A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
- ipinfo/cli: Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)
- Malware Analysis Tools List
- forensicxlab/VISION-ProcMon: A ProcessMonitor visualization application written in rust.
- GitHub - TheHive-Project/Cortex: Cortex: a Powerful Observable Analysis and Active Response Engine
- Windows Malware Analysis Tools
- rshipp/awesome-malware-analysis: A curated list of awesome malware analysis tools and resources.
- MobSF/Mobile-Security-Framework-MobSF: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis
- FAME - FAME Automates Malware Evaluation
- Project Freta | Microsoft Docs
- Freta Documentation
- Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service
- GitHub - salesforce/ja3: JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
- alexandreborges/malwoverview: Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar, ThreatFox, Triage and it is able to scan Android devices against VT and HA.
- A curated list of malware analysis tools and resources.
- Malcat - hexadecimal editor and disassembler for malware analysis
- Build a code coverage map quickly in a VM using https://t.co/UeDWwPYTeL, import to IDA w/Lighthouse, and reverse the necessary hit blocks/functions in the binary." / Twitter
- convert signed hex values to negative decimal values
- CERT-Polska/mwdb-core: Malware repository component for samples & static configuration with REST API interface.
- Home · mentebinaria/retoolkit Wiki · GitHub
- GitHub - z0ccc/Vytal: Spoof your location data and user agent.
- GitHub - myfreeer/7z-build-nsis: 7-zip build and package script with nsis script decompiling using ms visual studio
- GitHub - stevemk14ebr/RETools: My reversing tools. Some custom, some not.
- GitHub - stevemk14ebr/PolyHook_2_0: C++17, x86/x64 Hooking Libary v2.0
- Tools | ForrestOrr
- Malware Analysis & Investigation Framework | al3x in cyberland
Books
Practical Malware Analysis (PMA)
- Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software
- Practical Malware Analysis.pdf
- Practical Malware Analysis | No Starch Press
- PMA Kernel Module Labs | Updates Labs for Windows 10 to work on Windows 7 | PracticalMalwareAnalysis-Labs/PracticalMalwareAnalysis-Labs-Windows7.7z at master · mikesiko/PracticalMalwareAnalysis-Labs
- Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware (9781788392501): A, Monnappa K: Books
- Rootkits and Bootkits [Book]
- GitHub - Apress/malware-analysis-detection-engineering: Source Code for 'Malware Analysis and Detection Engineering' by Abhijit Mohanta and Anoop Saldanha
- Amazon.com: Mastering Malware Analysis: A malware analyst's practical guide to combating malicious software, APT, cybercrime, and IoT attacks, 2nd Edition eBook : Kleymenov, Alexey, Thabet, Amr: Kindle Store
- Book Summary – “Evasive Malware: Understanding Deceptive and Self-Defending Threats” – SecurityLiterate.com
Videos to learn from
OALabs
- OALabs - YouTube
- OALabs Github
- OALABS Patreon
- Oh My Malware
- JStros | Malware Analysis - YouTube
- Malware Theory - Basic Structure of PE Files - YouTube
- Colin Hardy - Lots of Malware Analysis Stuff
- Malware Reversing Challenge III - Fortego | Fortego
- IRC Botnet Sinkhole: The Full Reverse Engineering Process - YouTube
- MalwareTechBlog - Beginner Reverse Engineering - Twitch
- Conti Ransomware - Code Exec Vulnerability - YouTube
- Reversing Malware. Also How is APT 29 Successful with This Phishing Technique!? - YouTube
- RE Tools Spotlight: Binary Refinery - High Octane Malware Triage Analysis - YouTube
- Breaking Modern Software Protectors - YouTube
- Vulnerable Antivirus Driver Used by Ransomware - We Reverse Engineer How!!? - YouTube
- Cerbero Labs - YouTube
Articles to learn from
Good Refreshers
- Heaven's Gate | WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques | Mandiant
- Recognizing and Avoiding Disassembled Junk | Mandiant
- OALABS Research - Malware Analysis Reports
- OALabs/research notebooks · GitHub
- vx-underground | All Things Malware
- Debugging Complex Malware that Executes Code on the Heap | Mandiant
Malware Analysis Series Blog (Good Stuff!)
- Malware Analysis Series Blog - Exploit Reversing – A blog about reverse engineering, malware analysis, programming and threat hunting.
- Malware Analysis Series - Malicious Document Analysis
- Malware Analysis Series Article 1
- Malware Analysis Series Article 2
- Malware Analysis Series Article 3
- Malware Analysis Series (MAS) – Article 4
- Malware Analysis Series (MAS) – Article 5 – Exploit Reversing
FS & GS Registers
- assembly - What is the "FS"/"GS" register intended for? - Stack Overflow
- assembly - What does fs and gs registers provide in Linux? - Reverse Engineering Stack Exchange
- GS and FS Register Information | Win32 Thread Information Block - Wikipedia
Interview Questions
- Interview questions for a RE position? : ReverseEngineering
- Mandiant Interview Questions | Glassdoor
- Malware analysis interview questions with detailed answers (Part 1)
- Interview Questions for Malware/Vuln Research Internship : Malware
- Top 30 malware analyst interview questions and answers for 2018 - Infosec Resources
- malware-analysis-interview-questions-updated-2020
- Home | Ring 0x00
- Darkside Ransomware | Chuong Dong
- Lenny Zeltser - Malicious Software Material
- Zeltser - How You Can Start Learning Malware Analysis
- Rolf Rolles RE Blog/Research — Möbius Strip Reverse Engineering
- MalwareTech - Guides to Reversing Malware
- Open ADB Ports Being Exploited to Spread Possible Satori Variant in Android Devices - TrendLabs Security Intelligence Blog
- Ursnif Trojan Campaign Uses Steganography and Mario
- Tips for Reverse-Engineering Malicious Code
- Why Is The PE Entry Point Not The Same As Main Understanding __security_init_cookie and __scrt_common_main_seh | OALABS on Patreon
- Detecting malware kill chains with Defender and Microsoft Sentinel – Microsoft Sentinel 101
- Reverse Engineering Undocumented Structures for Windows 10 | VerSprite
- Hexacorn | Blog UVWATAUAVAWH – Meet The Pushy String
- Looking for sophisticated malware in IoT devices | Securelist
- A Deep Dive Into RUNDLL32.EXE. Understanding “rundll32.exe” command… | by Nasreddine Bencherchali | Medium
- The malware analyst's guide to aPLib decompression - 0xC0DECAFE.com
- Feature and Interface Discovery | Microsoft Docs
- The Pyramid of Pain | Enterprise Detection & Response
- TLS Callback Functions | InfoSec Handlers Diary Blog - SANS Internet Storm Center
- Windows Event Logs for fileless malware | A new secret stash for “fileless” malware | Securelist
- Studying “Next Generation Malware” - NightHawk’s Attempt At Obfuscate and Sleep | Suspicous Actor
- What is a Trojan? Is It Virus or Malware? How It Works | Norton
- Persian Kitties Hiding Benign Executables | InQuest
- Information about EDRs that can be useful
- Malware Analysis and Reverse Engineering Workflow | Malware Hell
- Handling Malware Samples | Malware Hell
- Microsoft DART ransomware approach and best practices | Microsoft Docs
- Reversing complex jumptables in Binary Ninja
- Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike
- Learney - Intro to Python Curriculum Map
- Concealed code execution: Techniques and detection
- Maelstrom: Static OpSec Review
- Playing in the (Windows) Sandbox - Check Point Research
- Bootkitting Windows Sandbox | secret club
- The Anatomy of Wiper Malware, Part 1: Common Techniques | CrowdStrike
- Malware Reverse Engineering for Beginners - Part 1: From 0x0 - Intezer
- Malware Reverse Engineering for Beginners - Part 2
Useful Constants, Cheatsheets and Tips
File Format Cheatsheets
- corkami/pics · GitHub
- PE102 | corkami/pics
Language Constants
- Language Identifier Constants and Strings - Win32 apps | Microsoft Learn
- Language Code Table
- Microsoft .NET CultureInfos
- Nominatim/Country Codes - OpenStreetMap Wiki
Various API Hashes
- Malware API Hashes | malware/api_hashes at master · tildedennis/malware
- SANS Malware Tips
- malwaretech Cheatsheet.rtf
- GitHub - corkami/docs: documentations, slides decks...
- Dr. Fu's Blog: Malware Analysis Tutorial 8: PE Header and Export Table
- Malware Analysis Mind Map
- Methodology for Reverse-Engineering Malware
- Cheat Sheet for Analyzing Malicious Software
- REMnux Usage Tips for Malware Analysis on Linux
- Malware Analysis Mind Map | MindMeister
- Schtasks | command-line arguments of Schtasks
- fr0gger/Awesome_Malware_Techniques: This is a repository of resource about Malware techniques
Challenges
FlareOn
FlareOn 2019
- FLARE-On
Challenge 1
- Building dnSpy · 0xd4d/dnSpy Wiki
Challenge 2
- UTF-8 - Wikipedia
- Corrigendum #1: UTF-8 Shortest Form
- UTF-8 and Unicode FAQ
- Unicode/UTF-8-character table
- Hexadecimal to Binary Converter
- From Hex, Decode text - CyberChef
Challenge 3
- APK decompiler - decompile Android .apk ✓ ONLINE ✓
- From Hex, Decode text - CyberChef
Challenge 4
- Wireshark 2.6 Available to Install in Ubuntu 18.04, 16.04 via PPA | UbuntuHandbook
- Download and Installation — Scapy 2.4.3.dev7 documentation
- Reading Pcap files with Scapy | IncognitJoe
- network manager - How to Add dnsmasq and keep systemd-resolved (18.04) - Ask Ubuntu
- How to Configure dnsmasq on Ubuntu Server 18.04 LTS – Linux Hint
- How to Install and Configure Dnsmasq on Ubuntu 18.04 LTS - Computing for Geeks
- FreeKB - Understanding the /etc/hosts.allow and /etc/hosts.deny files in Linux
- Flare-On-Challenges and Solutions: This repo is aim to compile all Flare-On challenge's binaries. Update: 2014 -2022.
- RE Challenges - FLARE-On Challenge
- Flare-On 5 CTF WriteUp (Part 2)
- FireEye FLARE On 2016 Challenges Write Up (Pt. 2) - Two Six Technologies | Advanced Technology Solutions for Critical Missions
- FLAREON- 09_evil
- Flare-On 8 – Task 9 | hasherezade's 1001 nights
- Beginner Malware Reversing Challenges - MalwareTech
- Capture the Flag: CrowdStrike Intelligence Adversary Quest 2022
Malware Samples and Specific Writeups
Specific Malware Writeups
GuLoader
- GuLoader - VirusTotal - File - 66d285603fcb08bbebcdbeeb64c464614cfaba6cf7ab9926d8c1037f69036758
- Guloader - Automated Malware Analysis Report for Shipment Consignment Notification-#U00a0 6183111.exe - Generated by Joe Sandbox
- Locky NSIS-based Ransomware is Embracing Its New End of Summer Shape
- DialogBoxParamW Malware | KoreLogic Blog
- GuLoader’s Anti-Analysis Techniques | by Hido Cohen | Medium
- [Down]loaded by GuLoader Malware | DeepInstinct
- GuLoader? No, CloudEyE. - Check Point Research
- Gu-loader analysis | Techniques for simplifying the analysis of GuLoader malware – CERT-AGID
- Guloader | OALABS Research
- GuLoader's Obfuscation Technique: Understanding Stack Manipulation | 0ffset Training Solutions
- GuLoader: Deobfuscating and Automating Malware Analysis
- Destroying GuLoader - Malware Hell
- Cloud-Based Malware Delivery: The Evolution of GuLoader - Check Point Research
Cobalt Strike
- BEACON - Extracting the Cobalt Strike Config from a TEARDROP Loader - Securehat
- Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis | Mandiant
- Decoding Cobalt Strike: Understanding Payloads - Avast Threat Labs
- Cobalt Strike: Decrypting DNS Traffic – Part 5 – NVISO Labs
- cobalt strike reflective loader - Google Search
- Cobalt Strikes Again: An Analysis of Obfuscated Malware
- Cobalt Strike Beacon
- Malleable PE, Process Injection, and Post Exploitation - Cobalt Strike
- Learn Pipe Fitting for all of your Offense Projects - Cobalt Strike Research and Development
- Example of Cleartext Cobalt Strike Traffic (Thanks Brad) - SANS Internet Storm Center
- Finding Metasploit & Cobalt Strike URLs - SANS Internet Storm Center
- Welcome to Cobalt Strike
- Talos_Cobalt_Strike.pdf
- CobaltStrike - beacon.dll : Your No Ordinary MZ Header
- .NET | Reflective DLL | Cobalt Strike Execute Assembly | Power Point
- GitHub - Cracked5pider/KaynStrike: URDL for CS
- Cobalt Strike Samples: Silas on Twitter: "Righto. Lets talk about this data and how to use it. To start, I'm uploading a zip file of all samples as well to allow downloading in bulk. I'll also share out some more parts of this as we go. So, off we go... 🧵(1/14)" / Twitter
- Automating Cobalt Strike with Python
- emcghee/PayloadAutomation
- https://securityintelligence.com/posts/defining-cobalt-strike-reflective-loader/
- Mars Stealer: Oski refactoring | 3xp0rt
- MoonBounce: the dark side of UEFI firmware | Securelist
- Reverse engineering Emotet – Our approach to protect GRNET against the trojan | GRNET CERT
- Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks | Symantec Blogs
- regin-top-tier-espionage-tool-15-en
- PetrWrap: the new Petya-based ransomware used in targeted attacks | Securelist
- Malware Analysis – Dridex Loader – Part 2 | Count Upon Security
- Matanbuchus: Malware-as-a-Service with Demonic Intentions
- HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine Looking at the internals of HermeticWiper | Malwarebytes Labs
- Hermetic Wiper overview of Capabilities
- Kaspersky Reveals a Backdoor Targeting Organizations Around the World | PCMag
- A step-by-step analysis of the Russian APT Turla backdoor called TinyTurla – CYBER GEEKS
- Microsoft sounds the alarm over new cunning Windows malware | TechRadar
- Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware - Microsoft Security Blog
- INDUSTROYER.V2: Old Malware Learns New Tricks | Mandiant
- Dissecting One of APT29’s Fileless WMI and PowerShell Backdoors (POSHSPY) | Mandiant
- Deep Analysis of Mars Stealer - XJunior
- Malware-RE-papers/Qakbot report.pdf at main · NtQuerySystemInformation/Malware-RE-papers
- Malware Analysis & Reverse Engineering Blog | XJunior
- Analyzing a Brute Ratel Badger
- Colibri Loader's unique Persistence Technique using Get-Variable cmdlet - FourCore
- Florian Roth ⚡ on Twitter: "That's an interesting PowerShell based loader that uses only space (0x20) and tab (0x09) characters to encode a payload https://t.co/k0sdZfWDva https://t.co/jc8uinTcp6" / Twitter
- Malpedia (Info on Malware Families and Yara Rules)
- BumbleBee (Malware Family)
- Qakbot Dropper Analysis - YouTube
- ImHex Pattern and YARA Functionality - Custom Tools, Reverse Engineering, and Threat Research
- Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
- QBot phishing uses Windows Calculator DLL hijacking to infect devices
- ShadowPad | A Masterpiece of Privately Sold Malware in Chinese Espionage - SentinelLabs
- ShadowPad Malware Analysis | Secureworks
- poisonplug (Malware Family)
- poisonplug/PlugX/ShadowPad malware - Google Search
- Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectors
- The Sample: RC4 the Hard Way, a Tale of WHITEDAGGERS
- THREAT ANALYSIS REPORT: Bumblebee Loader – The High Road to Enterprise Domain Control
- SUNBURST
- Dridex v4 - Configuration Files, Network and Binaries
- INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems | Mandiant
- Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: ModernLoader delivers multiple stealers, cryptominers and RATs
- ChromeLoader: New Stubborn Malware Campaign
- How Kaspersky obtained all stages of Operation Triangulation | Securelist
- Malware stories: Deworming the XWorm | CERT Polska
- Stuxnet Decompiled
- Good Practice: MS-SQL Slammer Analysis
- Kimsuky’s GoldDragon cluster and its C2 operations | Securelist
- DEEDRAT | Space Pirates: analyzing the tools and connections of a new hacker group
- Deed RAT - Malware removal instructions
- BlackCat : New Rust based ransomware borrowing BlackMatter’s configuration | by S2W | S2W BLOG | Medium
- Just another analysis of the njRAT malware – A step-by-step approach – CYBER GEEKS
- njRAT — Malware Analysis. njRAT (a.k.a Bladabindi) is a .NET… | by Hido Cohen | Medium
- A detailed analysis of a new version of Darkside Ransomware (V. 2.1.2.3) - YouTube
- Brute Ratel | OALABS Research
- GitHub - paranoidninja/BRC4-Seminar-Stage-I: These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be found here:
- From Hidden Bee to Rhadamanthys - The Evolution of Custom Executable Formats - Check Point Research
- A Deep Dive into Brute Ratel C4 payloads – CYBER GEEKS
- Connecting the Dots: Kaspersky Reveals In-Depth Insights into Operation Triangulation | Kaspersky
- Triangulation: Trojan for iOS | Kaspersky official blog
- Triangulation: validators, post-compromise activity and modules | Securelist
- AgentTesla - Full Loader Analysis - Resolving API Hashes Using Conditional Breakpoints
- Raspberry Robin’s Roshtyak: A Little Lesson in Trickery - Avast Threat Labs
- Making Cobalt Strike harder for threat actors to abuse | Google Cloud Blog
- neonprimetime security , just trying to help: Njrat lime ilspy decompiled code from opendir seen on twitter
- LFI2RCE via PHP Filters - HackTricks
- Remcos RAT - Malware Analysis Lab : Jai Minton
- Detecting and decrypting Sliver C2 – a threat hunter's guide - Immersive Labs
- OODA Loop - The Origin Story of the APT Turla, the Hunt for “The Snake” Malware, and Current Steps for Prevention
- COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises | Mandiant
- Doing time with the YIPPHB dropper | Elastic
- jhumble/Kixtart-Detokenizer: Decrypt and detokenize kixtart scripts
- Reversing and Decrypting a case of KiXtart | by Diego Vicedo | Medium
- dvicedo/KiXtart-Decrypt: Decryption tool for KiXtart
- Quasar Rat Analysis - Identification of 64 Quasar Servers Using Shodan and Censys
- U.S. Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide > National Security Agency/Central Security Service > Press Release View
- Analyzing the FUD Malware Obfuscation Engine BatCloak
- analysis-of-an-alphv-incident - esxi ransomware bug
- Dissecting TriangleDB, a Triangulation spyware implant | Securelist
- Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla)
- From Albania to the Middle East: The Scarred Manticore is Listening - Check Point Research
IDBs for Malware
- IDBs/Polyglot.idb at master · RolfRolles/IDBs
- RolfRolles/IDBs: Analyses in IDA/Hex-Rays
- An Exhaustively-Analyzed IDB for FlawedGrace — Möbius Strip Reverse Engineering
Ransomware
- How to protect your org from ransomware - conti-cyber-attack-on-the-hse-full-report.pdf
- Technical Analysis of Emerging, Sophisticated Pandora Ransomware Group
- Head Fake: Tackling Disruptive Ransomware Attacks | Mandiant
- Brand-New HavanaCrypt Ransomware Poses as Google Software Update App Uses Microsoft Hosting Service IP Address as C&C Server
- Conti ransomware source code investigation - part 2. - cocomelonc
- The many lives of BlackCat ransomware - Microsoft Security Blog
- Dissecting the last version of Conti Ransomware using a step-by-step approach – CYBER GEEKS
- Microsoft Word - SunCryptRansomware_Whitepaper - Vlad Pasca.docx
- LockBit 3.0: "Making the ransomware great again" - Cluster25
- Lockbit 3.0 Ransomware Triage | OALABS Research
- Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents | Mandiant
- How to Deobfuscate Maze Ransomware | CrowdStrike
- A Malware Researcher's Guide to Reversing Maze Ransomware
- Ransomware Maze | McAfee Blog
- CrowdStrike Discovers New DoppelPaymer Ransomware & Dridex Variant
- Rhysida Ransomware Technical Analysis - Avast Threat Labs
- BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration
- DarkSide Ransomware | Qualys Security Blog
- Shining a Light on DARKSIDE Ransomware Operations | Mandiant
- Cybereason vs. DarkSide Ransomware
- Try This One Weird Trick Russian Hackers Hate – Krebs on Security
- Threat Thursday: Delving Into the DarkSide
- Ransom.Win32.SFILE2.A - Threat Encyclopedia
- The NT Insider:Keeping Secrets - Windows Security (Part III)
- Token Manipulation Attacks – Part 2 (Process of Impersonation) - Checkmate
- c++ - About the MSDN code example, "Enabling and Disabling Privileges" - Stack Overflow
- Enabling and Disabling Privileges in C++ - Win32 apps | Microsoft Learn
- UAC bypass analysis (Stage 1) Ataware Ransomware - Part 0x2 - Securityinbits
- Abuse Elevation Control Mechanism: Bypass User Account Control, Sub-technique T1548.002 - Enterprise | MITRE ATT&CK®
- #CQLabs - How UAC bypass methods really work by Adrian Denkiewicz | CQURE Academy
- UAC bypass using CMSTPLUA COM interface
- Use-COM-objects-to-bypass-UAC/IARPUninstallStringLauncher.cpp at master · 3gstudent/Use-COM-objects-to-bypass-UAC
- BlackMatter Ransomware v2.0 | Chuong Dong
- Darkside Ransomware | Chuong Dong
Specific Malware Config Extractors
- Automated Emotet Config Extractor | 1 function per C2 with stack string construction |emo_x64_dump.py
- Malware analysis with IDA/Radare2 2 - From unpacking to config extraction to full reversing (IceID Loader)
- Unpack RedLine .NET stealer to extract config
- Config Extraction from in-memory CobaltStrike Beacons – cyber.wtf
- Configuration_extractors/config_extract_QuasarRAT.py at main · RussianPanda95/Configuration_extractors · GitHub
- QBotConfig-Extractor/Config Extractor.py at main · FarghlyMal/QBotConfig-Extractor · GitHub
BEACON Config Extractors
- "#CobaltStrike V4 Reflective Loader #CyberChef config extractor recipe ☛ Input: Encoded PowerShell (or HEX and disable the first 13 recipes) ☚ Output: Configuration Block (Hex dump) ✔ For x64: https://t.co/Zik3qaMMYz ✔ For x32: https://t.co/crok3Im0Sw Thanks to Michael D https://t.co/1qzCdHENrX" / Twitter
- 64bit Cyberchef Recipe for Cobalt Strike Reflective Loader(beacon) v4
- 32-bit Cyberchef Recipe for Cobalt Strike Reflective Loader(beacon) v4
- x64 Cyberchef Recipe for Cobalt Strike Reflective Loader(beacon) v4 with parsing
- x32 Cyberchef Recipe for Cobalt Strike Reflective Loader(beacon) v4 with parsing
Source Code
- HermeticWiper_Source
- vxunderground/MalwareSourceCode: Collection of malware source code for a variety of platforms in an array of different programming languages.
- GitHub - mjharbison/plugxUSBPOC: PoC for PlugX USB infection and concealment
- GitHub - 0xperator/hookbot_source: This repository contains a few leaked files of HookBot.
- conti_locker: Conti Locker source code
Malware Samples
- Where can I, as an individual, get malware samples to analyze? - Reverse Engineering Stack Exchange
- vx-underground | All Things Malware
- VxUnderground · Virus.exchange
- MalwareBazaar | Browse malware samples
- MalShare | collaborative effort to create a community driven public malware repository
- VirusShare.com
- Malware Repo Moonbounce - vx-underground - Directory
- InQuest/malware-samples: A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
- Lockbit Black 3.0 MalwareBazaar | SHA256 80e8defa5377018b093b5b90de0f2957f7062144c83a09a56bba1fe4eda932ce
- ytisf/theZoo: A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
- abuse.ch | Fighting malware and botnets
- RamadhanAmizudin/malware: Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from: http://www.malwaretech.com
- malwares/DangerousZone: Dangerous Malwares
- Malwares
- HynekPetrak/javascript-malware-collection: Collection of almost 40.000 javascript malware samples
- mstfknn/malware-sample-library: Malware sample library.
- funtimes-ninja/malware: Malware samples from honeypots
- Tlgyt/The-Collection: Collection of cracked malware, and ebooks
- bxlcity/malware
- Free Malware Sample Sources for Researchers
- jstrosch/malware-samples: Malware samples, analysis exercises and other interesting resources.
- MalShare
- for710_ctf_malware - Google Drive
- FOR 710 Malware (password is malware)
Anti-Analysis, Obfuscation, & AV/EDR Evasion
Anti-Debug Stuff
Tools to help
- x64dbg/ScyllaHide: Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
- Anti Debugging Protection Techniques With Examples
- Anti-debugging Techniques Cheat Sheet - 0xAA - Random notes on security
- Windows Anti-Debug Reference | Symantec Connect Community
- Anti-Debugging - Unprotect Project
Anti-Sandbox/VM
- HAL9TH | Meet Oski Stealer: An In-depth Analysis of the Popular Credential Stealer
- Matthias on Twitter: "TIL that you can bypass Windows Defender by setting your computer name to HAL9TH. Who the hell thought this was a good idea? https://t.co/ahfRjjIf4F" / Twitter
- Lots of Anti VM Tricks | 2022 FLARE's Malware of the Month (MoM)-20221221_145944-Meeting Recording.mp4
- Sandbox Evasion - Unprotect Project
- Mechanisms to determine if software is running in a VMware virtual machine (1009458)
- CPUID - Wikipedia
- Tequilaboomboom - Mysterious Ohagi Malware
- List of anti anti VM parameters for vmware
- AntiVM Tool | hzqst/VmwareHardenedLoader: Vmware Hardened VM detection mitigation loader (anti anti-vm)
API Hashing & Dynamic API Loading
- OALabs/hashdb-ida: HashDB API hash lookup plugin for IDA Pro
- Dynamic API Loading Script | Hex-Rays, GetProcAddress, and Malware Analysis — Möbius Strip Reverse Engineering
- https://www.0ffset.net/reverse-engineering/malware-analysis/dridex-veh-api-obfuscation/
- Dynamic Imports and Working Around Indirect Calls - Smokeloader Study Case
- IDA Pro Tutorial - Reverse Engineering Dynamic Malware Imports - YouTube
- IDA Pro Scripting Intro - Automate Dynamic Import Resolving for REvil Ransomware - YouTube
General Obfuscation and Deobfuscation
LLVM
- ollvm · GitHub Topics
- obfuscator-llvm/obfuscator
- Defeating Compiler-Level Obfuscations Used in APT10 Malware - VMware Security Blog - VMware
- Deobfuscation: recovering an OLLVM-protected program
- D810: A journey into control flow unflattening
JavaScript
- PiotrDabkowski/Js2Py: JavaScript to Python Translator & JavaScript interpreter written in 100% pure Python🚀 Try it online:
- GitHub - lelinhtinh/de4js: JavaScript Deobfuscator and Unpacker
- PwnFunction on Twitter: "who needs javascript deobfuscators? https://t.co/RvI5nJWPJs" / Twitter
- Obfuscator Collections
- Matt on Twitter: "A short thread of solid #CyberChef alternatives and complementary tools.... ⏬" / Twitter
- MODERN MALWARE: OBFUSCATION AND EMULATION (DEF CON CHINA).pdf - Google Drive
- Data Obfuscation - Unprotect Project
- hitb2021ams_deobfuscation
- X86 code obfuscation engine | Perses: X86 Mutation Engine with Portable Executable compatibility.
- X86 code obfuscation engine | Writing a Mutation Engine and breaking Aimware // Back Engineering
- Ferib: Reversing Common Obfuscation Techniques
- GitHub - binref/refinery: High Octane Triage Analysis
- GitHub - Ciphey/Ciphey: ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
- CyberChef
- gchq/CyberChef: The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
- Exported functions that are really forwarders - The Old New Thing
- GitHub - mrphrazer/r2con2021_deobfuscation: Workshop Material on VM-based Deobfuscation
String Hashing
- sunburst_countermeasures/fnv1a_xor_hashes.txt at main · mandiant/sunburst_countermeasures · GitHub
Heaven's Gate
- Syscall Hooking Under WoW64: Introduction (1/2) « RCE Endeavors
- Heavens Gate & FS:[0xC0] | WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques | Mandiant
- A coin miner with a "Heaven's Gate" | Malwarebytes Labs
- Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: RATs and stealers rush through “Heaven’s Gate” with new loader
- Heaven’s Gate | Kaspersky IT Encyclopedia
- Unlocking the Heaven's Gate Technique on Linux
- Ten years later, malware authors are still abusing 'Heaven's Gate' technique | ZDNet
- 64 bit syscall from 32 bit process | Wow64 User-mode System Calls Hooking
- The 0x33 Segment Selector (Heavens Gate) - MalwareTech
- Heaven's Gate Technique | k4n3ki
PE Bloat
- Understanding PE Bloat with Malcat – Squiblydoo.blog
- Malware Stress Test | Public Malware Techniques for Anti-Debug/VM Detection
- Evasion techniques
- RE tip of the day: Debugger can also be detected by malware by checking its parent process. CreateToolhelp32Snapshot and Process32First/Process32Next or NtQueryInformationProcess with ProcessBasicInformation arg can reveal it https://t.co/xyN5YBEGiz
- FLIRT Signatures Evasion - Unprotect Project
- Anti-Disassembly - Unprotect Project
- Anti-Forensic - Unprotect Project
- Anti-Monitoring - Unprotect Project
- Unprotect Project
- Search - Unprotect Project
- danielplohmann/apiscout: This project aims at simplifying Windows API import recovery on arbitrary memory dumps
- LordNoteworthy Github | Public Malware Techniques for Anti-Debug/VM Detection + Windows Internals Notes
- Malware Evasion Techniques Part I: Process Injection and Manipulation
- Malware Hides in Installer to Avoid Detection | McAfee Blog
- Using process creation properties to catch evasion techniques - Microsoft Security Blog
- Malware Analysis - A Way to Learn Anti-Reversing Tricks - YouTube
Indicators of Compromise (IOCs)
- Malware Domain List
- Definitive Dossier of Devilish Debug Details – Part One: PDB Paths and Malware | Mandiant
- Concise Windows Functions in Malware Analysis List · GitHub
- Import Hash (imphash) routine
- Tracking Malware with Import Hashing | Mandiant
Persistence Mechanisms
- Great Info on Persistence Mechanisms | persistence-info.github.io
- Windows Platform Binary Table | Hardware Based Persistence | persistence-info.github.io
- Windows terminal persistence | https://mobile.twitter.com/nas_bench/status/1550836225652686848?t=NwboL7gdtda02SgJd1aIQw&s=19
- Persistence Techniques That Persist
- Windows Registry: Malware Persistence
Loader Stuff
- KaynLdr is a Reflective Loader written in C/ASM
- User Defined Reflective DLL Loader
- Manual-DLL-Loader/Loader.cpp at main · adamhlt/Manual-DLL-Loader
- ReflectiveDLLInjection/ReflectiveLoader.h at master · stephenfewer/ReflectiveDLLInjection
- Pe-Loader-Sample/PeLdr.cpp at master · abhisek/Pe-Loader-Sample
- Perfect Loader Implementations. Thank you to SpecterOps for supporting… | by Evan McBroom | Oct, 2023 | Posts By SpecterOps Team Members
- Run-Time Dynamic Linking - Win32 apps | Microsoft Docs
- Creating a Simple Dynamic-Link Library - Win32 apps | Microsoft Docs
- Walkthrough: Create and use your own Dynamic Link Library (C++) | Microsoft Docs
- DLL_Loader/loader.cpp at main · elliot-chernofsky_MNDT/DLL_Loader
- memory-module-loader/moduleloader.c at main · scythe-io/memory-module-loader
Packers/Unpackers/Protectors
VMProtect/Virtualization
- Obfuscator-Collections/VMProtect: VMProtect source code leak (incomplete, some important files are still missing, but you can still see it as a reference on how to virtualize the code)
- VMProtect 3 Unpacker | wallds/NoVmpy
- How To Unpack VMProtect 3 (x64) Night Sky Ransomware With VMPDump [Patreon Unlocked] - YouTube
- GitHub - 0xnobody/vmpdump: A dynamic VMP dumper and import fixer, powered by VTIL.
- Devirtualization Stuff - VTIL Project
- mike1k/VMPImportFixer: Fix VMProtect Import Protection
- A Tale of Static Devirtualization Vol. I: The Lift | nobody
- VMProtect Workflow for resolving obfuscated import stubs | Debugging with IDA: Emulating code from crash dumps - defeating VMP's obfuscated imports - YouTube
- VMProtect3 | horizon-backscatter3/vmprotect3.py at staging · MandiantTI/horizon-backscatter3
- Titan | a VMProtect devirtualizer
- GitHub - can1357/NoVmp: A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
- MS DART - Recovering a VMProtected file intact
UPX
- Unpacking UPX - Using OllyDump - Unpacking, reversing, patching - Infosec Resources
- UPX packed headaches - Akamai Security Intelligence and Threat Research Blog
- How to Unpack Malware with x64dbg | Varonis
- OEP vs EP for Packed Executables
- Packers - Unprotect Project
- Unpacking binary 101 – Sam0x90 blog
- Introducing New Packing Method: First Reflective PE Packer Amber – Pentest Blog
- dhondta/dataset-packed-pe: Dataset of packed PE samples
- dhondta/dataset-packed-elf: Dataset of packed ELF samples
- dhondta/awesome-executable-packing: A curated list of awesome resources related to executable packing
- GitHub - hasherezade/mal_unpack: Dynamic unpacker based on PE-sieve
- Unpacking Malware With Hardware Breakpoints - Cobalt Strike
- An Introduction to Dumping Malware with Process Dump - YouTube
DLL Things (Injection, Hijacking, Hollowing, Side-Loading, etc)
- Guide to DLL Sideloading | Crypt0ace
- Hijack Libs | curated list of DLL Hijacking candidates
- Perfect DLL Hijacking | Elliot on Security
- DLL Injection: Background & DLL Proxying (1/5) « RCE Endeavors
- PlugX DLL Side-Loading Technique / Felipe Duarte - YouTube
- [31] Malware Theory - DLL Execution - YouTube
Process Injection Stuff
- Ten process injection techniques: A technical survey of common and trending process injection techniques | Elastic Blog
- Github - Demos of various injection techniques found in malware
- Memory Module and Reflective DLL Injection | Hunting In Memory | Elastic Blog
- Portable Executable Injection Study
- Process Manipulating - Unprotect Project
- GitHub - stephenfewer/ReflectiveDLLInjection: Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
- Fileless threats | Microsoft Docs
Function/API Hooking
- Inline Hooking for Programmers (Part 2: Writing a Hooking Engine) - MalwareTech
- Inline Hooking for Programmers (Part 1: Introduction) - MalwareTech
- Blackhat Function Hooking Presentation
- Manually Implementing Inline Function Hooking - Securehat
Encryption/Crypto in Malware
- examples of common encoding/encryption mechanisms to help newer analysts learn to eyeball them
- Encryption 101: a malware analyst's primer - Malwarebytes Labs | Malwarebytes Labs
- RC4 in Malware - Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: An Introduction to Recognizing and Decoding RC4 Encryption in Malware
- Reverse Engineering Encrypted Code Segments - Ryan Cornateanu - Medium
- wincrypt.h at master · wine-mirror/wine
- PLAINTEXTKEYBLOB structure (Windows) | Microsoft Docs
- PUBLICKEYSTRUC (wincrypt.h) - Win32 apps | Microsoft Docs
- Crypto Constants | ALG_ID (Wincrypt.h) - Win32 apps | Microsoft Docs
- Base Provider Key BLOBs - Win32 apps | Microsoft Docs
- AES — PyCryptodome 3.14.1 documentation
- Cryptographic Provider Names (Wincrypt.h) - Win32 apps | Microsoft Docs
- CryptAcquireContextA function (wincrypt.h) - Win32 apps | Microsoft Docs
- Malware Crypto: Hidden in Plain Sight: Identifying Cryptography in BLACKMATTER Ransomware | Mandiant
- Your Guide to X509 Certificates (For Mortals)
- Reverse Engineering Crypto Functions: AES - Malware Analysis - Malware Analysis, News and Indicators
- d3v1l401/FindCrypt-Ghidra: IDA Pro's FindCrypt ported to Ghidra, with an updated and customizable signature database
- TorgoTorgo/ghidra-findcrypt: Ghidra analysis plugin to locate cryptographic constants
- PROV_RSA_AES - Win32 apps | Microsoft Docs
- [MS-GPNAP]: Cryptographic Provider Type | Microsoft Docs
- RSAPUBKEY (wincrypt.h) - Win32 apps | Microsoft Docs
- A Year of NSIS-based Cryptors - Cyren
- Revisiting the NSIS-based crypter | Malwarebytes Labs
- The DES Algorithm Illustrated
- Magic Numbers | magic numbers, cryptography,
- Quickly Check Ransomware Encryption | Demonslay335/CryptoTester: A utility for playing with cryptography, geared towards ransomware analysis.
- Cerbero Suite - Awesome for MA & Crypto testing
- How To Reverse Engineer RC4 Crypto For Malware Analysis - YouTube
Rootkits (User/Kernel + UEFI/BIOS)
UEFI/BIOS Malware
- Deobfuscate UEFI/BIOS Malware
- SecIdiot/bootkit: UEFI bootkit: Hardware Implant. In-Progress
- UEFI Papers | Unified Extensible Firmware Interface Forum
- GitHub - memN0ps/bootkit-rs: Rusty Bootkit - Windows UEFI Bootkit in Rust
- MoonBounce: the dark side of UEFI firmware | Securelist
- ldpreload/BlackLotus: BlackLotus UEFI Windows Bootkit
- MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT | WeLiveSecurity
- BlackLotus UEFI bootkit: Myth confirmed | WeLiveSecurity
- Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw – Ars Technica
Helpful MSDN Things
- PsLookupProcessByProcessId function (ntifs.h) - Windows drivers | Microsoft Learn
- ObOpenObjectByPointer function (ntifs.h) - Windows drivers | Microsoft Learn
- ZwTerminateProcess function (ntddk.h) - Windows drivers | Microsoft Learn
- PsLookupThreadByThreadId function (ntifs.h) - Windows drivers | Microsoft Learn
- _IRP (wdm.h) - Windows drivers | Microsoft Learn
- _DEVICE_OBJECT (wdm.h) - Windows drivers | Microsoft Learn
- _FILE_OBJECT (wdm.h) - Windows drivers | Microsoft Learn
- ObReferenceObjectByHandle function (wdm.h) - Windows drivers | Microsoft Learn
- PsTerminateSystemThread function (wdm.h) - Windows drivers | Microsoft Learn
Helpful Tools
- IOCTL Decoder | OSR Online
- GitHub - Fyyre/DrvMon: Advanced driver monitoring utility.
Other Helpful Docs
- PspTerminateThreadByPointer - Google Search
- struct EPROCESS
- 34591-breaking-the-sandbox.pdf
Malware Samples
- Robbinhood Driver
- Fantastic Rootkits: And Where to Find Them (Part 1)
- Fantastic Rootkits: And Where To Find Them (Part 3) – ARM Edition
- Fantastic Rootkits and Where to Find Them (Part 2)
- Simple userland rootkit - a case study | Malwarebytes Labs
- KernelMode Rootkits, Part 1 | SSDT hooks • Adlice Software
- KernelMode Rootkits, Part 2 | IRP hooks • Adlice Software
- KernelMode Rootkits, Part 3 | Kernel Filters • Adlice Software
- ESET Rootkit Analysis - USE CASE ON HIDEDRV
- Linux Rootkits Part 1: Introduction and Workflow :: TheXcellerator
- Rootkit analysis – Use case on HideDRV – Where security meets innovation
- Emulation of Kernel Mode Rootkits With Speakeasy | Mandiant
- Writing a simple rootkit for linux - Malware - 0x00sec - The Home of the Hacker
- New Milestones for Deep Panda: Log4Shell and Digitally Signed Fire Chili Rootkits
- Analyzing kernel drivers
Memory Forensics
- Finding Advanced Malware Using Volatility - eForensics
- Volatility Labs: Automating Detection of Known Malware through Memory Forensics
- Volatility Labs
- AMF | memoryanalysis
- Memory Forensics CTF/Wargame | MemLabs: Educational, CTF-styled labs for individuals interested in Memory Forensics
- Software Diagnostics Institute | Structural and Behavioral Patterns for Software Diagnostics, Forensics and Prognostics. Software Diagnostics Library.
- Investigating Malware Using Memory Forensics - A Practical Approach - YouTube
- Forensics Training | IACIS - Training
Shellcode Stuff
- mandiant/speakeasy: Windows kernel and user mode emulation.
- GitHub - clinicallyinane/shellcode_launcher: Shellcode launcher utility
- repnz/shellcode2exe: Batch script to compile a binary shellcode blob into an exe file
- Emulation of Malicious Shellcode With Speakeasy | Mandiant
- GitHub - accidentalrebel/shcode2exe: Compile shellcode into an exe file from Windows or Linux.
- ShellcodeTemplate: An easily modifiable shellcode template for Windows x64/x86
- hasherezade/pe_to_shellcode: Converts PE into a shellcode
- Writing Optimized Windows Shellcode
- Daniele Bellavista's Blog: IA32 shellcodes: get EIP value
- Running Shellcode Through Windows Callbacks – Marco Ramilli Web Corner
- Dancing With Shellcodes: Cracking the latest version of Guloader - Malware Analysis - Malware Analysis, News and Indicators
- Abusing native Windows functions for shellcode execution
- Monomorphic Shellcode Packer - all payloads have the same MD5 hash | GitHub - DavidBuchanan314/monomorph: MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
- Windows Shellcode Emulation | SHAREM is intended to be the ultimate Windows shellcode tool, with support to emulate over 12,000 WinAPIs | Bw3ll/sharem
- SHAREM is a shellcode analysis or malware analysis tool that utilizes emulation and static analysis techniques to provide useful information about a sample.
Rootkit/MBR Malware Analysis
- Debugging MBR - IDA + Bochs Emulator | Malware-analysis-and-Reverse-engineering/Debugging MBR - IDA + Bochs Emulator.md at main · Dump-GUY/Malware-analysis-and-Reverse-engineering · GitHub
.Net Stuff
Deobfuscation Blogs
- A Tale of .Net Deobfuscation - VirtualGuard Basics
- A Tale of .Net Deobfuscation - VirtualGuard Devirtualization
- Quickly Deobfuscate .NET
- Combating control flow flattening in NET malware Georgy Kucherin Kaspersky - YouTube
ConfuserEx Specific Stuff
- ConfuserEx-Unpacker-v2.0.zip (MD5: 98353759951B4445ACF275FA4CF61C84) - Interactive analysis - ANY.RUN
- ConfuserEx Unpacker 2.0 - No Need Script, Ollydbg, X64DBG - YouTube
- GitHub - hackovh/ConfuserEx-Unpacker-2
- Dissecting ConfuserEx - Constants protection - Google Docs
- ConfuserEx Mod - UnPackMe (.NET) - Tuts 4 You
- Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Recam Redux - DeConfusing ConfuserEx
- A walkthrough to deobfuscating a ConfuserEx v1.0.0-4 g3fd0d55 protected .NET application – lallous' lab
- Unpack ConfuserEx v1.0.0 Custom | Anti-tamp - YouTube
- Deobfuscated ConfuserEx - ViRb3/de4dot-cex: 📦 de4dot deobfuscator with full support for vanilla ConfuserEx
- ConfuserEx Deep Analysis ~ AntiTamper - pwnlab.me
- Unflattening ConfuserEx .NET Code in IDA
- ConfuserEx_IDAPython/confuserex_unflatten.py at main · govcert-ch/ConfuserEx_IDAPython
- BedTheGod/ConfuserEx-Unpacker-Mod-by-Bed: Edited copy of cawks confuserex unpacker, support more than your average program
- ConfuserEx 2 | mkaring/ConfuserEx: An open-source, free protector for .NET applications
.NET RE Tools (Disassemblers, Deobfuscation Scripts, etc)
dnSpy (RE tool for .NET)
- dnSpy: .NET decompiler, debugger and assembly editor
- de4dot: .NET deobfuscator and unpacker.
- .NET Decompiler: Decompile Any .NET Code | .NET Reflector
- pan-unit42/dotnetfile
- Deobfuscation of .NET using PowerShelling & dnlib - Eternity Malware - YouTube
- GitHub - advanced-threat-research/DotDumper: An automatic unpacker and logger for DotNet Framework targeting files
- GarbageMan
- .NETReactorSlayer: An open source (GPLv3) deobfuscator for Eziriz .NET Reactor
- List of .NET Deobfuscators | ConfuserEx .NET Deobfuscator | NotPrab/.NET-Deobfuscator: Lists of .NET Deobfuscator and Unpacker (Open Source)
- GitHub - wwh1004/ExtremeDumper: .NET Assembly Dumper
- dnSpyEx/dnSpy: Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
- CodeTrack | .NET Analysis Tool
- Great .NET Deobfuscation Tool for Crypto | Runtime Flow - .NET C# stack trace monitor - Vlasov Studio (Best in class Visual Studio extensions and tools)
- Write a custom .NET runtime host - .NET | Microsoft Learn
- Live Stream VOD: Themida .NET Dumping and .NET Deobfuscation | OALABS on Patreon
- pinvoke.net: the interop wiki!
- DotNET Loaders
- .net fixing in DNSpy
- Introduction to DotNet Configuration Extraction - RevengeRAT
- Unpacking .NET Malware With Process Hacker and Dnspy
- Creating Processes Using System Calls | Core Labs
- Generating a .NET API Trace using CodeTrack - FLARE - Confluence
- Quick TIP for .NET #Reversing | Access field values not accessible in Locals
- More .NET Tips | Export all classes in single namespace to view all code in 1 view
- .NET MALWARE THREAT: INTERNALS AND REVERSING
- .NET simple-assembly-explorer: Automatically exported from code.google.com/p/simple-assembly-exploror
- .NET Mixed Assembly Example | CVE-2019-18935: Remote Code Execution via Insecure… | Bishop Fox
- .Net Mixed Assemblies - Crafting Flexible C++ Reflective Stagers for .NET Assemblies – The Wover – Red Teaming, .NET, and random computing topics
- .NET Metadata Tokens | Johannes Rudolph's Blog
- .Net Parser in Python | pype32: Yet another Python library to read and write PE/PE+ files.
- .NET Analysis Demo w_ Mike Hunhoff-20220701_120200-Meeting Recording.mp4
- C# Scripting w/ Interactive Console | Essential .NET - C# Scripting | Microsoft Learn
- .NET Reverse Enginering - Part 1 – CodePool – Programming and a bit more
- .NET Malware Analysis Tip - Use Process Hacker to watch for suspicious .NET assemblies in newly spawned processes. Combined with DnSpy - it's possible to locate and extract malicious payloads without needing to manually de-obfuscate. 1/ #Malware #dnspy #analysis #RE https://t.co/QDF4BC8QBM
- r-tec Blog | .NET Assembly Obfuscation for Memory Scanner Evasion - r-tec Cyber Security
- NixImports a .NET loader using HInvoke | dr4k0nia
C++ RE
- C++ Malware: An Exhaustively Analyzed IDB for ComLook — Möbius Strip Reverse Engineering
- Reversing C++ Virtual Functions: Part 1
- Miscellaneous/STLTypes-ForDistribution.py at 721959354c48d87e29f17224fffa2091994c146a · RolfRolles/Miscellaneous
- Reversing C++, Qt based applications using Ghidra | Gianluca Pacchiella
- Reverse Engineering 3011: Reversing C++ Binaries | OpenSecurityTraining2
- C++ RE | Using Runtime-Type-Information (RTTI) to extract class names and hierarchy – Coding upside down
- C++ Class IDA Plugin | nihilus/IDA_ClassInformer: IDA ClassInformer PlugIn
- c++ - How to organize vtables in IDA Pro? - Reverse Engineering Stack Exchange
- Remote Debug a C++ Project - Visual Studio (Windows) | Microsoft Learn
- Useful C++ RE Tool | ReClassNET/ReClass.NET: More than a ReClass port to the .NET platform.
- C++/NIM RE With ReClassNET | stevemk14ebr/FlareOn2020_Wednesday-3: In memory bot for flareon 2020 challenge #3
- Good for C++ RE | Virtual inheritance in C++
- Structs and Stuff | Reverse Engineering C++ Malware With IDA Pro - YouTube
- Miscellaneous/MSVC-CRT.md at master · RolfRolles/Miscellaneous · GitHub
Delphi
- IDR: Interactive Delphi Reconstructor
- Fireeye delphi unpacker script
- Delphi Ghidra Scripts | Dhrake: The Delphi Hand Rake
- Reverse Engineering Delphi Binaries in Ghidra with Dhrake – nullteilerfrei
- Meaning and Uses of Decompilation
- (Delphi) Process Hollowing, RunPE by Jean-Pierre LESUEUR - Unprotect Project
- Delphi | Which calling convention to use for EAX/EDX in IDA - Reverse Engineering Stack Exchange
- Delphi | Special Properties of Delphi (Object Pascal) Executables - Reverse Engineering Stack Exchange
Golang/Go RE
- Reversing GO binaries like a pro | RedNaga Security
- ghidraninja/ghidra_scripts: Scripts for the Ghidra software reverse engineering suite.
- Reverse Engineering Go Binaries with Ghidra - CUJO AI
- Hidden Features and Dark Corners of C++/STL
- Introduction to GO Reversing
- Golang wrapper on an old obscene malware | Random RE
- malware-unicorn/GoPEInjection: Golang PE injection on windows
- GitHub - loov/lensm: Go assembly and source viewer
- GoLang Analysis | Analyzing Golang Executables – JEB in Action
- Go Reverse Engineering Tool Kit - Redress
- GoLang | New Mac cryptominer uses XMRig | Malwarebytes Labs
- Go Library Code | golang/go: The Go programming language
- mandiant/GoReSym: Go symbol recovery tool
- Extracting type information from Go binaries | Securelist
- GitHub - SentineLabs/AlphaGolang: IDApython Scripts for Analyzing Golang Binaries
- AlphaGolang | A Step-by-Step Go Malware Reversing Methodology for IDA Pro - SentinelOne
- Introduction to Malware Engineering with Go — Part 1 | by APT-0x38 | Medium
- Matthew on X: "🔥Malware Analysis with @HuntressLabs 🔥 Watch as we analyse a bloated (1.5GB) Golang file and dynamically extract an Xworm payload. We'll touch on Procmon, Process Hacker, Entropy Analysis, Debloating, Breakpoints, Debuggers and lots more🤠 [1/14] 🧵 #Malware #Golang https://t.co/NCs1Eh6mTt" / X
- Detailed Analysis of AlphaSeed, a new version of Kimsuky’s AppleSeed written in Golang | by S2W | S2W BLOG | May, 2023 | Medium
- Golang Standard Library Typedefs · GitHub
Rust RE
- Reverse Engineering Rustlang Binaries - A Series | BrightProgrammer
- A Python tool to unstrip Rust binaries on Linux
- How to Obfuscate Strings in Rust the Easy Way
- Rust Binary Analysis, Feature by Feature - Check Point Research
Android/Java Malware Stuff
Android/Java Decompiler
- JEB Decompiler by PNF Software
- Java Deobfuscation | narumii/Deobfuscator: Some deobfuscator for java lol
Java Tools
- Java Tools | bytecode-viewer
- Java Tools | Bytecode Viewer - Java & Android APK Reverse Engineering Suite/Tool
- Java Native Interface (JNI) - Java Programming Tutorial
Malware Samples
- Not so boring Android malware | android-malware-samples
- ashishb/android-malware: Collection of android malware samples
- sk3ptre/AndroidMalware_2019: Popular Android threats in 2019
- hxp2k6/Android-Malwares: Collection of android malware samples
Books
- Android Malware Detection with Machine Learning | No Starch Press
Videos
- Frida Hooking Tutorial - Android Game Hacking - YouTube
- A Course on Android Malware Analysis: Day 1 of 3 - YouTube
Specific Malware Writeups
- A technical analysis of Pegasus for Android – Part 1 – CYBER GEEKS
- A technical analysis of Pegasus for Android – Part 2 – CYBER GEEKS
- A technical analysis of Pegasus for Android – Part 3 – CYBER GEEKS
- Eastern Asian Android Assault - FluHorse - Check Point Research
- Android Malware/Spyware Analysis | Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware
- BRATA Android Malware Gains Advanced Mobile Threat Capabilities
- Android Malware Post | Lexfo's security blog - Obfuscated obfuscation
- Android Booting Shenanigans | Magisk
- Android App Reverse Engineering 101 | Learn to reverse engineer Android applications!
- APK Components | secrary[dot]com
- Leveraging a Hooking Framework to Expand Malware Detection Coverage on the Android Platform
- Statically unpacking android malware | GitHub - eybisi/kavanoz: Statically unpacking common android banker malware.
MacOS Malware Stuff
- New 'CloudMensis' macOS Spyware Used in Targeted Attacks | SecurityWeek.Com
- The Art Of Mac Malware: Volume I: Analysis
- The Art of Mac Malware
- Objective-See's Mac Malware Collection
- A Deep Dive into the OceanLotus Adversary Emulation for macOS & Linux | MITRE-Engenuity
- 'RustBucket' malware targets macOS
- macOS Kernel Debugging in IDA | Tutorial: Debugging the XNU Kernel with IDA Pro
- Mac OS Malware Analysis - Amr Ashraf
- LOLBins for Mac | infosecB/LOOBins: Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
Linux Malware Stuff
Samples
- Linux.Nasty: Assembly x64 ELF virus | TMZ Lair - Underground Coding
- New ultra-stealthy Linux backdoor isn’t your everyday malware discovery | Ars Technica
- OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow
- Detecting BPFDoor Backdoor Variants Abusing BPF Filters
- How to analyze Linux malware – A case study of Symbiote – CYBER GEEKS
- Detecting Linux Anti-Forensics: Timestomping
- Linux Performance Observability Tweet / Twitter
- WORKHORSE - Statically Linked Linux - BPF - the forgotten bytecode
- ELFEN: Automated Linux Malware Analysis Sandbox
Python Malware
- Snakes on a Domain: An Analysis of a Python Malware Loader
- Exploring Python Code Objects « late.am
- The Very High Level Layer — Python 3.11.3 documentation
- Pyarmor 8.2 Documentation — Pyarmor 8.2.0 documentation
- Pyarmor - Obfuscating Python Scripts
- IronLanguages/ironpython3: Implementation of Python 3.x for .NET Framework that is built on top of the Dynamic Language Runtime.
- File extension PYC details - PYC files How To (by File Extension Seeker)
Docs/Macros/Scripts
AutoIt
- AutoIT Tools | V1V1/OffensiveAutoIt: Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)
- AutoIT Tools | dzzie/myaut_contrib: mod to myaut2exe decompiler
- AutoIT Tools | x0r19x91/UnAutoIt: The Cross Platform AutoIt Extractor
- AutoIt Script Editor Downloads - AutoIt
- AutoIt Tools | MattDiesel/Ault: AutoIt Language Tools
- AutoIt Obfuscator — Protect AutoIt Script Source Code
- AutoIT | [FLREQ-16201] L1 analysis for 792c282d910feee48c3b3ca3c2640e8e - Jira Software
- FlareQScripts/autoit_deobfuscator at main · MandiantLabs/FlareQScripts
- AutoIt Debugger | DBUG_Demo - YouTube
JavaScript
- JS encryption, JS irreversible encryption, JS obfuscation, JS obfuscation encryption, JS compression encryption - [JavaScript encryption]
- Deobfuscate Obfuscator.IO Javascript | relative/synchrony: javascript-obfuscator cleaner & deobfuscator
Documents (Word/OneNote/PDF/etc)
- Analyzing a “multilayer” Maldoc: A Beginner’s Guide – NVISO Labs
- GitHub - decalage2/oletools: oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
- Analyzing Malicious Documents Cheat Sheet
- OpenOffice Documentation | The Microsoft Excel File Format
- FILEPASS Tool | oledump.py Version 0.0.59 | Didier Stevens
- openoffice/binarycodec.cxx at 202391d17634db7776868942325c45a7836d68df · apache/openoffice · GitHub
- OneNote Malware - Tips and Tricks for Investigating OneNote Malware Used to Deliver AsyncRAT - YouTube
- RE Corner - PDF Stream Dumper
- dzzie/pdfstreamdumper: research tool for the analysis of malicious pdf documents. make sure to run the installer first to get all of the 3rd party dlls installed correctly.
- jonaslejon/malicious-pdf: 💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Excel/XLM
- DissectMalware/XLMMacroDeobfuscator: Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
- Unhide Hidden Sheets in Excel Malware | A fast way to make all sheets visible that doesn't rely on hex editing: 1⃣ Alt F11 to open up VBA editor 2⃣ Control-G to bring up Immediate pane 3⃣ For Each ws In Sheets:ws.Visible=True:Next [Enter] https://t.co/0M2OmZzz0N / Twitter
- Excel Deobfuscation Tool | GitHub - DissectMalware/XLMMacroDeobfuscator: Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
- Excel 4 Macro Analysis: XLMMacroDeobfuscator - SANS Internet Storm Center
- Malicious Spreadsheet With Data Connection and Excel 4 Macros - SANS Internet Storm Center
- Maldoc: Excel 4.0 Macro | Didier Stevens
- FILEPASS | InfoSec Handlers Diary Blog - SANS Internet Storm Center
VBScript/VisualBasic
- Compile VBScript to Exe with VbsEdit
- Decompile Compiled VBS EXE with WinDbg | chentiangemalc
- VbsEdit - VBScript Editor with Debugger
- VPatch - Free Patch Generator
- Vb Reversing Info and Links
- Visual Basic Opcode Database
- johnchamberlain.com/vb_vm.html
- Eternal Bliss VB Crackme 10
- Visual Basic 5/6 compiler memory leak inside created executable files | sysenter-eip.github.io
- ViperMonkey: A VBA/VBS parser and emulation engine to analyze malicious macros.
- Macro Malware Analysis
- Program Transformation Wiki / Visual Basic Decompilers
- P32Dasm - VB5/VB6 PCode Decompiler
- Some Good Deobfuscation Techniques for Batch Script, Macros, Docs
- Deobfuscating Scripts | Malware Hell
Miscellaneous/Other Types of Files
NSIS
- NSIS Scripting Reference
- Download - NSIS
- System Plug-in (NSIS)
MSI
- Useful for Malicious MSI files | Orca.exe - Win32 apps | Microsoft Docs
- msidump | Handle Malicious MSI Files
- Ubuntu Manpage: msidump - dump the tables and streams contained in Windows Installer packages
- msitools - GNOME Wiki!
- "How to analyse malicious MSI files E.g. this Magniber MSI https://t.co/nF4aQ5dcHm It consists mostly of zeroes. 1. step: Unpack with 7zip. Among the unpacked files is a x64 DLL named "djrbwtwujn" But how is this DLL called? https://t.co/n5ZG0EiV2q" / Twitter
AutoCAD
- AutoCAD Malware - Computer Aided Theft | Forcepoint
- AutoCAD Malware Tools | Visual Lisp (VLX,FAS) and Visual Basic v5/v6 files Decompiling Procedure | LispBox
LNK files
- How to identify malicious lnk files
- Malware-Analysis-Fundamentals-Files-Tools.pdf
- ATM Malware Help | Global ATM Malware Wall
Automation & Dynamic Binary Instrumentation (DBI)
- Malware Analysis with Dynamic Binary Instrumentation Frameworks
- http://learnfrida.info
Repurposing Malware/Binaries
- GitHub - redballoonsecurity/ofrak: OFRAK: unpack, modify, and repack binaries.
- OFRAK: unpack, modify, and repack binaries
- /r/Malware
- Malware Analyst Resources: malware-gems: A not so awesome list of malware gems for aspiring malware analysts
- MalAPI - Categorized WinAPI calls from Malware
- xCyclopedia | The Encyclopedia for Executables | STRONTIC
- Malvuln - Malware security vulnerabilty research, vulnerable malware analysis, malware vulnerability analysis, computer security, malware vulnerabilty threat intel, cyber security, malware security research, Malware 0day
- Filesec.io - file extensions being used by attackers
- WTFBins
General RE Courses/Learning/Challenges
Books
- Reverse Engineering for Beginners Book (REALLY LONG)
- Reversing: Secrets of Reverse Engineering: Eldad Eilam
- The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler: Chris Eagle
- Hacker Disassembling Uncovered: Powerful Techniques To Safeguard Your Programming: Kris Kaspersky: 9781931769228: Amazon.com: Books
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes: Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte: 9780470080238: Amazon.com: Books
- Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
- The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
- Gray Hat Hacking: The Ethical Hacker's Handbook, Fifth Edition
- The Antivirus Hacker's Handbook
- Exploiting Software: How to Break Code: Greg Hoglund, Gary McGraw: 9780201786958: Amazon.com: Books
- Reverse Engineering for Beginners
- Reverse Engineering Reading List: A list of Reverse Engineering articles, books, and papers
- RE Study | Research Paper
- "Reverse Engineering for Beginners" free book
Videos
- Quick Tips For Learning Assembly and Reverse Engineering at The Same Time - YouTube
- JStros | Reverse Engineering - YouTube
- Practical x64 Assembly and C++ Tutorials - YouTube
Intro Courses
Good Hands On Intro to Cracking and Basic RE
- Lenas Reversing for Newbies
- Tutorials « The Legend Of Random
- Cracking Sublime Text 3
- zerosum0x0: Removing Sublime Text Nag Window
Video Presentations
- Reverse Engineering 101 - NYU Poly - 2009
- Reverse Engineering 101 - NYU:Poly 2010
- Reverse Engineering 102 - NYU:Poly 2010
- Reverse Engineering 1 - NYU Poly 2011
- Reverse Engineering 2 - NYU Poly 2011
Open Security Training
- Open Security Training - Introduction To Reverse Engineering
- Open Security Training - Life Of Binaries
- The Life of Binaries - YouTube
- Software RE Resources | NSA Codebreaker Challenge
- Microcorruption - Interactive Intro to RE
- RE for Beginners | Reverse Engineering
- RPI - CSCI 4971 - Secure Software Principles (RE stuff)
- RE guide for beginners: Methodology and tools - Reverse Engineering - 0x00sec
- Reverse Engineering 101 - Reverse Engineering - 0x00sec
- [Tutorial] Reversing a multi stage binary step-by-step - Reverse Engineering - 0x00sec - The Home of the Hacker
- RPISEC INTROSEC
- How to Reverse Engineer Software (Windows) in a Right Way
- Bootstrapping Understanding: An Introduction to Reverse Engineering
- All && Everything
- Static Program Analysis
- SAT/SMT Solver - MIT Wiki Service
- 2019-x86-64-Assembly.pdf
- JHUAPL/Beat-the-Machine: Reverse engineering basics in puzzle form
- Introduction to Reverse Engineering with Ghidra | Hackaday.io
- Software Reverse Engineering and Malware Analysis
- mytechnotalent/Reverse-Engineering: A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
- Tutorials « The Legend Of Random
- 90 COS Reverse Engineering
- Training Classes — Möbius Strip Reverse Engineering
- Signal Labs | Reverse Engineering
- JStroschein | Introduction to Reverse Engineering - YouTube
Conferences
- Hexacon - Welcome
- REcon - Home
Challenges
Bombs
- RPI Bomb
- Reversing and Exploiting a Nuclear Bomb ;) - Reverse Engineering - 0x00sec - The Home of the Hacker
- Linux Bomb Walkthrough – Part1 (Setup) – mcb101
- CMU Lab: Defusing a Binary Bomb
Crackme
- Crackmes.one
- [KEYGENME - EASY] Cracking Your First Program - Reverse Engineering / Challenges - 0x00sec
- Malwarebytes CrackMe 2 by hasherazade
- Mastermind crackme by Spider
- How to solve the Malwarebytes CrackMe: a step-by-step tutorial | Malwarebytes Labs
Crypto
- The Cryptopals Crypto Challenges
CTF Writeups/Challenges
- VIDEO: Tips, Tricks, and Clues to Escape the LabyREnth CTF
- Palo Alto - LabyREnth
- [Crackme] ESET Crackme Challenge 2015 - Archived - Tuts 4 You
- "ESET - Malware analyst challenge"
- ESET CrackMe Challenge 2015 Walkthrough - UIC Academy
- Crack me ESET site
- SANS 2018 Holiday Hack Writeup
- SANS Penetration Testing | SANS 2015 Shmoo Challenge Winners and Official Answer | SANS Institute
- ROOTCON 2019's CTF Writeups for Web Category - InfoSec Write-ups - Medium
- SAN 2015 Challenge #ShmooCon - writeup
- SANS 2017 Holiday Hack Writeup
- 2018 Flare-On Challenge Solutions « 2018 Flare-On Challenge Solutions | FireEye Inc
- 2019 Flare-On Challenge Solutions | FireEye Inc
- Coding | Reversing: Flare-On Challenge 2017 Writeup
- 2017 Flare-On Challenge Solutions « 2017 Flare-On Challenge Solutions | FireEye Inc
- Network Forensics Puzzle Contest
- Network Forensics Puzzle Contest 2014 Walkthrough – Network Forensics Puzzle Contest
- Network Forensics Puzzle 2014 – BytePuzzles
- DEFCON 22 Network Forensics Puzzle Contest Walkthrough : netsec
- SANS Digital Forensics and Incident Response Challenge
- GitHub - o-o-overflow/dc2021f-ooows-public
- Perfect Blue hitcon-ctf-2021 writeups
VM Challenge
- Solving a VM-based CrackMe - 0ffset
- RE CTF | flare-on.com
- Reverse Engineering & Exploitation of a “Connected Alarm Clock” – Courk's Blog
- 2018 B-day Reverse Engineering Challenge
- CSAW_2009 RE Challenge
- Flareon 5 Challenge 6 - Magic (Walk through - Reverse Engineering) - YouTube
- Reverse Engineering challenges
- pwnable.xyz
- https://www.reversinghero.com
- 2018 Flare-On Challenge Solutions « 2018 Flare-On Challenge Solutions | FireEye Inc
- 2017 Flare-On Challenge Solutions « 2017 Flare-On Challenge Solutions | FireEye Inc
C++ RE
- Reversing C++
Full-Stack Reverse Engineer
- How to become a "full-stack reverse-engineer" (a term that I might have completely made up, but I'm rolling with it). This is not intended to make you a competent desktop app reverse-engineer, or console reverse-engineer, or kernel reverse-engineer
- How to become a full-stack reverse-engineer - Google Slides
- Becoming a full-stack reverse-engineer - YouTube
- The Role of the Control Flow Graph in Static Analysis
- Introduction · Reverse Engineering
- A curated list of Assembly Language / Reversing / Malware Analysis -resources
- Shitsco CTF Problem Walkthrough – Georgia Weidman – Medium
- Blizzard CTF 2017 – The LichKing Reverse Engineering challenge walkthrough | Shortjump!
- Beginner RE Resources
- [Tutorial] An example of reversing an undocumented game file format
- Exam surveillance - the return. (ExamCookie) | vmcall
- A suggested route to beginner Reverse Engineering and Vulnerability Research
- CS:APP2e, Bryant and O'Hallaron
- Awesome-reversing: A curated list of awesome reversing resources
- Speculating the entire x86-64 Instruction Set In Seconds with This One Weird Trick – Can.ac
- Guy's 30 Reverse Engineering Tips & Tricks
- An opinionated guide on how to reverse engineer software, part 1 | Margin Research
- RE-Mind: First Look Inside the Mind of a Reverse Engineer
Tools (Disassemblers/Decompilers/Debuggers/Hex Editors)
GHIDRA - Static Analysis - Disassembler/Decompiler
Ghidra Plugins
Plugin Development
- Ghidra Plugin Development for Vulnerability Research - Part-1 — Somerset Recon
- ghidra/DevGuide.md at master · NationalSecurityAgency/ghidra · GitHub
- felberj/gotools: Plugin for Ghidra to assist reversing Golang binaries
- SVD-Loader for Ghidra: Simplifying bare-metal ARM reverse engineering :: Security for the embedded and connected world
- Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra
- OOAnalyzer: Binary Static Analysis of Object Oriented Code
- astrelsky/Ghidra-Cpp-Class-Analyzer: Ghidra C++ Class and Run Time Type Information Analyzer
- Battelle Publishes Open Source Binary Visualization Tool
- Battelle/cantordust: Public repository for Cantordust Ghidra plugin.
- GhiHorn: Path Analysis in Ghidra Using SMT Solvers
- Two Tools for Malware Analysis and Reverse Engineering in Ghidra
- AllsafeCyberSecurity/LazyGhidra: Make your Ghidra Lazy!
- 2igosha/ghidraal: A Ghidra extension for scripting with GraalVM languages, including Javascript, Python3, R, and Ruby.
- GitHub - clearbluejar/ghidriff: Python Command-Line Ghidra Binary Diffing Engine
- GitHub - Comsecuris/gdbghidra: gdbghidra - a visual bridge between a GDB session and GHIDRA
- IDA Boolean Math Obfuscation Reducer | Hands-Free Binary Deobfuscation with gooMBA – Hex Rays
- IDA Boolean Math Obfuscation Reducer | GitHub - HexRaysSA/goomba: gooMBA is a Hex-Rays Decompiler plugin to simplify Mixed Boolean-Arithmetic (MBA) expressions
- GitHub - CENSUS/ghidra-frida-hook-gen: Frida hook generator for Ghidra
- GitHub - Nalen98/AngryGhidra: Use angr in Ghidra
- GitHub - Sentinel-One/VTgrepGHIDRA
- mandiant/Ghidrathon: The FLARE team's open-source extension to add Python 3 scripting to Ghidra.
- Ghidrathon: Snaking Ghidra with Python 3 Scripting | Mandiant
Ghidra Scripts
- ghidraninja/ghidra_scripts: Scripts for the Ghidra software reverse engineering suite.
- fmagin/ghidra_scripts
- ghidra scripting API
- GHIDRA scripting - Artra Downloader strings decryptor
- Finding instances of a structure using script : ghidra
- Introduction to Ghidra Scripting for Embedded ELFs and UPX · Arch Cloud Labs
SLEIGH
- decompiler: SLEIGH
- SLEIGH
Data Types
- Extra Ghidra Data Types
Videos to Learn From
- HackadayU: Reverse Engineering with Ghidra Class 1 - YouTube
- First Look at Ghidra (NSA Reverse Engineering Tool) - YouTube
- Ghidra Reversing Tutorials - Getting Started with Reverse Engineering - YouTube
- Ghidra RSA Presentation
- Ghidra Ninja - YouTube
- Reversing Android Bluetooth Chipsets with Ghidra - YouTube
- Mike Bell: Extending Ghidra: from Script to Plugins and Beyond on Vimeo
- Using NSA's Ghidra to make a keyboard backlight match in-game graphics of SuperHexagon : programming
- Ghidra Code Analysis with Anuj Soni - YouTube
Ghidra Courses
- INFILTRATE 2019 - Three Heads are Better Than One: Mastering Ghidra
- Online Courses – Ghidra
P Code
- P Code Internals
- How pcode works Pt1
- Working With Ghidra's P-Code To Identify Vulnerable Function Calls - River Loop Security
- GitHub - Nalen98/GhidraEmu: Native Pcode emulator
Ghidra Books
- The Ghidra Book | No Starch Press
Other Ghidra Help/Tips/Shortcuts/Things
- Ablity to load external libraries after loading a project · Issue #396 · NationalSecurityAgency/ghidra
- Opening .gar project file
- Ghidra Cheat Sheet
- Ghidra: A quick overview for the curious | Shortjump!
- A Vagrantfile for provisioning a VM with Ghidra and X11 forwarding enabled.
- Here Be Dragons: Reverse Engineering with Ghidra - Part 1 [Data, Functions & Scripts]
- zackelia/ghidra-dark: Dark theme installer for Ghidra
- Patch Diffing with Ghidra - Low-level Shenanigans
- GitHub - NationalSecurityAgency/ghidra
- Ghidra
- Ghidra Installation Guide
- Frequently asked questions · NationalSecurityAgency/ghidra Wiki · GitHub
IDA Pro/HexRays - Static Analysis - Disassembler/Decompiler
Igor's Tips
- Igor’s Tip of the Week #153: Copying pseudocode to disassembly – Hex Rays
- Igor’s tip of the week: Season 03 – Hex Rays
- Igor’s tip of the week #60: Type libraries – Hex Rays
- Change IDA register call to function call | Igor’s Tip of the Week #115: Set callee address – Hex Rays
- IDA Add missing offsets | Igor’s tip of the week #12: Creating structures with known size – Hex Rays
- jump table but IDA did not recognize it? Igor’s tip of the week #53: Manual switch idioms – Hex Rays
- assembly snippets in the pseudocode due to instructions not yet supported - Decompile as call – Hex Rays
- Igor’s Tip of the Week #161: Extracting substructures – Hex Rays
Plugins
- GitHub - patois/IDACyber: Data Visualization Plugin for IDA Pro
- GitHub - onethawt/idaplugins-list: A list of IDA Plugins
- Hex-Rays: Plugin repository
- The Hex-Rays plugin repository – Hex Rays
- GitHub - x64dbg/x64dbgida: Official x64dbg plugin for IDA Pro.
- Good IDB Diff Tool (Takes a bit of time to run) joxeankoret/diaphora: Diaphora, the most advanced Free and Open Source program diffing tool.
- Plugin focus: ComIDA – Hex Rays
- Export IDA Labels/Function Names to x64dbg | GitHub - a1ext/labeless: Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping and interactive Python scripting capabilities.
- arizvisa/ida-minsc: IDA-minsc is a plugin for IDA Pro that simplifies IDAPython. The API is grouped into contextual modules, and is dumbed down by removing the concept of types (DWIM). This allows one to script w/ very little investment or the need for documentation. Click "Watch" to keep track of any ongoing development, and smash that "Star" button if you like this.
- daniel_plohmann / simpliFiRE.IDAscope — Bitbucket
- GitHub - JusticeRage/Gepetto: IDA plugin which queries OpenAI's ChatGPT to explain decompiled functions
- Better IDA Structure Creation | oopsmishap HexRaysPyTools: IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes
- x64dbg/LabelPEB: Plugin to label PEB addresses.
- Open Source ChatGPT on Laptop | GitHub - nomic-ai/gpt4all: gpt4all: a chatbot trained on a massive collection of clean assistant data including code, stories and dialogue
- IDA Plugin for adding call context for jmp/call register | kweatherman/ida_missinglink: IDA Plugin that fills in missing indirect CALL & JMP target information
- Plugin focus: ttddbg – Hex Rays
- Rust analysis plugin tech preview – Hex Rays
- IDA-Pro/plugins/flare-ida/msdn-annotations - aldeid
- FLARE IDA Pro Script Series: MSDN Annotations Plugin for Malware Analysis | FireEye Inc
- GitHub - mandiant/flare-ida: IDA Pro utilities from FLARE team
Scripts/Scripting
IDA Python
- 0xgalz/Virtuailor: IDAPython tool for creating automatic C++ virtual tables in IDA Pro
- inforion/idapython-cheatsheet: Scripts and cheatsheets for IDAPython
- ida/idapython_tools/findcrypt at master · you0708/ida · GitHub
- IDA Python Tutorial | All things IDA
- RETools/IdaScripts at master · stevemk14ebr/RETools
- FLARE IDA Pro Script Series: Simplifying Graphs in IDA « FLARE IDA Pro Script Series: Simplifying Graphs in IDA | FireEye Inc
- Change IDA Register Call to Function Call | FLARE IDA Pro Script Series: Applying Function Prototypes to Indirect Calls « Threat Research Blog | FireEye Inc
- IDA Scripting Help | Porting from IDAPython 6.x-7.3, to 7.4
- GitHub - mandiant/flare-ida: IDA Pro utilities from FLARE team
Videos
- Basic Dynamic Analysis with IDA Pro and WinDBG - YouTube
- Real-world Decompilation with IDA Pro - Part 1: Introduction - YouTube
- Real-world Decompilation with IDA Pro - Part 2: String Handling - YouTube
- IDA Pro Malware Analysis Tips - YouTube
- IDA Pro Decompiler Basics Microcode and x86 Calling Conventions - YouTube
- Analyzing and Creating Structures in IDA Pro - YouTube
IDA FLIRT
- GitHub - Maktm/FLIRTDB: A community driven collection of IDA FLIRT signature files
- IDA F.L.I.R.T. Technology: In-Depth – Hex Rays
Other IDA Help/Tips/Shortcuts/Things
- IDA Pro Shortcuts pdf
- IDA Pro Extra Downloads
- IDA Pro Update (use ida.key file)
- ida - Hex-Rays not properly showing strings - Reverse Engineering Stack Exchange
- Bit Mask IDA Enum for multiple values (OR'd Flags)
- How to Bit Mask IDA Enum for multiple values (OR'd Flags)
- IDA Shortcuts [PDF]
- GitHub - mandiant/FIDL: A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
- https://hex-rays.com/wp-content/static/products/ida/support/idapython_docs/
- The Basics of IDA Pro - InfoSec Resources
- Reversing Basics - A Practical Approach Using IDA Pro | www.SecurityXploded.com
- ida pro tutorial for beginners - Google Search
- IDA series, part 2: debugging a .NET executable
- IDA series, part 1: the Hex-Rays decompiler
- Marco Ramilli's Blog: How to Patch Binary with IDA Pro
- Binary Cracking & Byte Patching with IDA Pro - CodeProject
- Using Z3 with IDA to simplify arithmetic operations in functions | Shortjump!
- TiGa's Video Tutorial Site
- RE for Beginners | Short Intro to IDA
- TiGa Tuts - IDA Pro Disassembler & Debugger - Tuts 4 You
- Info-security/binary-auditing-training: Free IDA Pro Binary Auditing Training Material for University Lectures - from http://binary-auditing.com . Contains decrypted/unzipped files along with original zip archive and site's index.html
- Free IDA Pro Reverse Code Engineering and Binary Auditing Training Material for University Lectures
- endofunky/ida-nord-theme: A dark Nord theme port for Hex Rays IDA
Binary Ninja - Static Analysis - Disassembler/Decompiler
- Reverse Engineering with Binary Ninja and gdb a key checking algorithm - TUMCTF 2016 Zwiebel part 1 - YouTube
- GitHub - ColdHeat/liil: Linear IL view for Binary Ninja
- Binary Ninja
- 2000 cuts with Binary Ninja | Trail of Bits Blog
- binary ninja Defcon 2017
- De-obfuscating Jump Chains with Binary Ninja - This is Security :: by Stormshield
Radare2 - Static Analysis - Disassembler/Decompiler
- dukebarman/awesome-radare2: A curated list of awesome projects, articles and the other materials powered by Radare2
- GitHub - radare/radare2: unix-like reverse engineering framework and commandline tools
- A journey into Radare 2 – Part 2: Exploitation – Megabeets
- Scripting radare2 with python for dynamic analysis - TUMCTF 2016 Zwiebel part 2 - YouTube
- Radare2: An Introduction to Visual Mode - MOVEAX.ME
- Reverse Engineering Using Radare2 – Jacob Pimental – Medium
- Reverse Engineering With Radare2 — Part 2 – Jacob Pimental – Medium
- Crackme0x04 Dissected with Radare2 - MOVEAX.ME
- Crackme0x03 Dissected with Radare2 - MOVEAX.ME
- Crackme0x05 Dissected with Radare2 - MOVEAX.ME
- Crackme0x06 Dissected with Radare2 - MOVEAX.ME
- Crackme0x07 Dissected with Radare2 - MOVEAX.ME
- Crackme0x08 Dissected with Radare2 - MOVEAX.ME
- Debugging Using Radare2… and Windows! – Jacob Pimental – Medium
- Crackme0x09 Dissected with Radare2 - MOVEAX.ME
- Reversing a Self-Modifying Binary with radare2 – Megabeets
- Reverse engineering a Gameboy ROM with radare2 – Megabeets
- BombLab Dissected with Radare2 - MOVEAX.ME
- Dr Von Noizeman's Nuclear Bomb defused with Radare2 - MOVEAX.ME
- Crackme0x01 Dissected with Radare2 - MOVEAX.ME
- Conditions and loops – Max Kersten
- radare2 python scripting - r2wiki
- radare2-extras/r2snowman at master · radare/radare2-extras
- radareorg/radeco: radare decompiler tool based on radeco-lib
- radareorg/cutter: A Qt and C++ GUI for radare2 reverse engineering framework
- A journey into Radare 2 – Part 1: Simple crackme – Megabeets
- Cutter - Radare2 GUI w/Ghidra's Decompiler
Hopper - Linux and MacOS Disassembler/Decompiler
- Hopper - Linux and MacOS Disassembler
Debuggers
GDB - Debugger
Record and Replay
- GDB and Reverse Debugging
- gdb record and replay - Google Search
- gdb server - Google Search
- gdb - How do I use watchpoints?
- Debugging with GDB - Set Watchpoints
- GDB Command Reference - Breakpoint and watchpoint management
- Debugging with GDB: Reverse Execution
- reverse-continue gdb - Google Search
GEF - Exploit Dev plugin
- Features - GEF - GDB Enhanced Features documentation
CMU Tutorials
- gdb Tutorial
- CMU-GDB-Slides
Debugging with Python
- Basic Python (Debugging with GDB)
- How to write user-defined GDB commands in Python | Undo
- Commands In Python - Debugging with GDB
- Beej's Quick Guide to GDB
- RMS's gdb Tutorial
- GDB and Pwntools training
- Debugging with GDB Introduction | Azeria Labs
- longld/peda: PEDA - Python Exploit Development Assistance for GDB
- Using GDB to Develop Exploits - A Basic Run Through
- GDB Command Reference - x command
- GDB Basics
- Quick Gdb Guide
- Debugging with GDB: Memory
- tools - How to handle stripped binaries with GDB? No source, no symbols and GDB only shows addresses? - Reverse Engineering Stack Exchange
- cs01/gdbgui: Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will open in your browser.
- debuggers - Decent GUI for GDB - Reverse Engineering Stack Exchange
- How to highlight and color gdb (and other alternatives)
- snare/voltron: A hacky debugger UI for hackers
- PEDA Slides
- Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers: GEF
- GNU Debugger Tutorial
- Guide to Faster, Less Frustrating Debugging
- GDB Primer
- Georgia Tech - Debugging with GDB
- Using GDB to Develop Exploits - A Basic Run Through
- Home - GEF - GDB Enhanced Features documentation
- gdb-refcard.pdf
- GDB Cheat Sheet
- Art of Debugging | No Starch Press
- Stanford-GDB-Slides.pdf
- Debugging C/C++ Programs Remotely Using Visual Studio Code and gdbserver
- Awesome GDB
- Debugging with GDB - Set Breaks
- gdb-refcard.pdf
- Debugging with GDB: Top
- CMU-GDB-Slides
x64dbg - Debugger
- x64dbg
- Plugins · x64dbg/x64dbg Wiki · GitHub
- GitHub - x64dbg/x64dbg: An open-source x64/x32 debugger for windows.
- x64dbg - Tuts 4 You
- utkonos/lst2x64dbg: Extract labels from IDA .lst or Ghidra .csv file and export x64dbg database.
- What is x64dbg + How to Use It | Varonis
- x64dbg with Python Scripting + Mona.py | therealdreg/x64dbg-exploiting: Do you want to use x64dbg instead of immunity debugger? oscp
- x64dbgpy_cheat_sheet: My personal cheat sheet for the x64dbg python plugin.
Windbg - Windows Debugger
Time Travel Debugging
- airbus-cert/ttddbg: Time Travel Debugging IDA plugin
- Time Travel Debugging - Overview - Windows drivers | Microsoft Learn
- Time Travel Debugging - TTD.exe command line utility - Windows drivers | Microsoft Learn
- New WinDbg available in preview! – Debugging Tools for Windows
- Introduction to Windbg and debugging windows - YouTube
- WinDbg Basics for Malware Analysis - YouTube
- WinDbg
- Debugging Tools for Windows (WinDbg, KD, CDB, NTSD) - Windows drivers | Microsoft Docs
- Getting Started with Windows Debugging - Windows 10 hardware dev
Immunity Debugger
- Immunity Debugger Downloads / Downloads - Tuts 4 You
OllyDbg - Debugger
- OllyDbg 2.0
- OllyDbg v1.10
- danh3707/OllyDbgV1.10-plugins-and-Hlpfile: OllyDbg v1.10 with plugins and help32 file along with windows 10 help32 fix. With a dark color scheme.
HyperDbg - New Kernel/User Debugger
- HyperDbg: open-source, community-driven, hypervisor-assisted, user-mode and kernel-mode Windows debugger
- HyperDbg Examples & Getting Started
- Debuggers 3301: HyperDbg | OpenSecurityTraining2
Bochs Debugger
- debugging_bochs.pdf
- Thinking Outside the Bochs: Code Grafting to Unpack Malware in Emulation | FireEye Inc
- rr: lightweight recording & deterministic debugging
- Debuggex: Online visual regex tester. JavaScript, Python, and PCRE.
- qira
Kernel Debugging
- Setting Up Kernel-Mode Debugging of a Virtual Machine Manually using a Virtual COM Port - Windows drivers | Microsoft Docs
- Boot Parameters to Enable Debugging - Windows drivers | Microsoft Docs
Symbolic Execution (z3, angr, etc)
Angr - static and dynamic symbolic ("concolic") binary analysis
- angr · GitHub
- angr, a binary analysis framework
- Angr - Dynamic Symbolic Execution | Good for Crackmes
- Defeating Code Obfuscation with Angr
- GitHub - angr/angr-management: A GUI for angr. Being developed *very* slowly.
- ANGR Python Scripting Cheatsheet - Malware Hell
z3
- Programming Z3
- Z3 find bug in game decisions | Using Techniques from Compiler Design to Check Your Narrative - YouTube
- Using z3 to find a password and reverse obfuscated JavaScript - Fsec2017 CTF - YouTube
- Solver like z3 | GitHub - cvc5/cvc5: cvc5 is an open-source automatic theorem prover for Satisfiability Modulo Theories (SMT) problems.
- Dealing with Huge Call Graphs - Symbolic Execution Demystified 2022.pdf at main · JannisKirschner/SymbolicExecutionDemystified · GitHub
- Ringzer0 - Practical Symbolic Execution for VR and RE
- Symbolic Execution for Security Researchers Talk
Other Decompiler/Compiler Related Things
- Decompiler Explorer
- Binary Ninja - Introducing Decompiler Explorer
- OneCompiler - Write, run and share code online | Free online compiler with 40+ languages
- Compiler Explorer - Programming Language to Assembler Converter
- x86 Disassembly/Disassemblers and Decompilers - Wikibooks, open books for an open world
- GitHub - trailofbits/fennec: Rewriting functions in compiled binaries
RE Scripts
- Useful Reverse Engineering (RE) tools & Scripts
Hex Editors
- 010 Editor - Professional Text/Hex Editor with Binary Templates
- List of Hex Editors
- GitHub - WerWolv/ImHex: A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM.
- echo-devim/fhex: A Full-Featured HexEditor compatible with Linux/Windows/MacOS
- Hex viewers and editors / Twitter
CyberChef Things
- Substitute, From Base64, To Hex - CyberChef
- GitHub - NextronSystems/CyberChef: CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
BigMatch | Open Source Library Checker
- Help Find Open Source Libraries Based On Strings and Things | Big Match - "I'm findin' it"
- Help Find Open Source Libraries Based On Strings and Things | Big Match: matching open source code in binaries for fun and profit - rev.ng
Binary Diffing
- Release BinDiff 8 Open Source · google/bindiff · GitHub
Searching on Windows
- Really good search tool to use instead of Windows Search | voidtools - everything search tool
- (Agent Ransack mimic) - ripgrep: ripgrep recursively searches directories for a regex pattern while respecting your gitignore
Extracting From Memory
- Unblob Twitter Post
- unblob - extract everything!
- FireyFly/pixd: 🔍 Colourful visualization tool for binary files
- Tenet: A Trace Explorer for Reverse Engineers | RET2 Systems Blog
- TETRANE - Automated Reverse Engineering Platform
- Heng Yin on Twitter: "I am glad that our deep learning-based disassembler paper is accepted by USENIX Security 2022. Hundreds of times faster than IDA when running on GPU, and robust to various obfuscations. Thus, it is an ideal tool for disassembling malware. https://t.co/eX7FD8ROu0" / Twitter
- Veles - Visual Binary Analysis Tool
- Massive List Of Reverse-Engineering Tools
- GitHub - BinaryAnalysisPlatform/bap: Binary Analysis Platform
- ASCII Table
Programming/Assembly Language for RE's
Specific Assembly Language Stuff
Intel x86/64
Books
- PC Assembly Language Book
- Assembly Language Step-by-Step Third Edition: Jeff Duntemann: 8601400126363: Amazon.com: Books
- Assembly Language for x86 Processors (7th Edition): 9780133769401: Computer Science Books @ Amazon.com
- Beginning x64 Assembly Programming: From Novice to AVX Professional: Van Hoey, Jo: 9781484250754: Amazon.com: Books
- Assembly Programming and Computer Architecture for Software Engineers: 9781943153329: Computer Science Books @ Amazon.com
- Recommended - PC Assembly Book
- gurugio/book_assembly_8086
Docs/Instruction References
- x86 Assembly - Wikibooks, open books for an open world
- x86 Disassembly - Wikibooks, open books for an open world
- Intel® 64 and IA-32 Architectures Software Developer Manuals | Intel® Software
- x86 and amd64 instruction reference
- Mirror of: Into the Void: x86 Instruction Set Reference
Courses
Open Security Training
- Open Security Training - Intro to X86
- Open Security Training - Intro to X86-64
- Open Security Training - Intermediate X86
- A Crash Course in x86 Assembly for Reverse Engineers
- A crash course in x86 Assembly
- UV Course | Program and Data Representation
Videos
- x86 Assembly - YouTube - YouTube
- Breaking the x86 Instruction Set - YouTube
- Modern x64 Assembly - YouTube
Useful Tools
- Quickly Assemble x86
- Assembly x86 Emulator
- jasmin download | SourceForge.net
Useful Blog Posts and Tips
- Best x86 Assembly Quick Guide | The faker's guide to reading (x86) assembly language // TimDbg
- WORTH READING - x86 Disassembly.pdf
- xorpd | xchg rax,rax
- assembly - Difference between long and short jump (x86) - Stack Overflow
- gcc x86 Assembly
- Yale Guide to x86 Assembly
- Applied Reverse Engineering: Accelerated Assembly [P1] - Reverse Engineering
- x86 cpu-internals: Intel / AMD CPU Internals
- Guide to x86 Assembly
ARM
- Great Intro to ARM Assembly | Writing ARM Assembly (Part 1) | Azeria Labs
- ARM 32-Bit Assembly Basics Cheat Sheet (18" x 24")
- Azeria Arm Exploit Lab Guide
- Azeria Arm Exploit Slides
- Online Arm Assembler by Azeria Labs
- Tonc: Whirlwind Tour of ARM Assembly
- ARM Information Center
- Assembler User Guide: ARM Compiler v5.06 for µVision armasm User Guide
- ARM Information Center
- Procedure Call Standard for the Arm® Architecture — ABI 2019Q4 documentation – Arm Developer
- Procedure Call Standard for the Arm Architecture
- SVE Programming Examples
- Running Arm Binaries on x86 with QEMU-User | Azeria Labs
- ARM Assembly w/ RPi
- Comparisons of ARM disassembly and decompilation – Hex Rays
- ARM 64 Assembly Series — Offset and Addressing modes | by +Ch0pin🕷️ | Jul, 2022 | Medium
- ARM Stuff | The Oddest Place You Will Ever Find PAC | RET2 Systems Blog
MIPS
- Ring Ø Labs: The Wonderful World of MIPS
- A Crash course in MIPS assembly programming
- MIPS Primer | Breaking the D-Link DIR3060 Firmware Encryption - Recon - Part 1
- MIPS32 Instruction Set Quick Reference
- MIPS Quick Tutorial
- MIPS Assembly: Data, Registers, and Mimicking Scope - Olivia A. Gallucci
General RE/Assembly Language Concepts
Games/Challenges to Learn From
- Squally on Steam
- GitHub - Squalr/Squally: 2D Platformer Educational Game for Teaching Game Hacking - C++/cocos2d-x
- while True: learn() on Steam
- Pwn.College | Assembly Crash Course
Videos to Learn From
- JStoschein | Learning Assembly - YouTube
- Quick Tips For Learning Assembly and Reverse Engineering at The Same Time - YouTube
Blog Posts to Learn From
- Getting ready for Assembly Language Programming – Part 1
- Getting ready for Assembly Programming – Anatomy of Intel Processor - Part 2
- Getting started with Assembly language programming - End of theory - Part 3
- Assembly Language Programming and Shellcoding - Lab setup and some important things - Part 4
- Assembly Language Programming and Shellcoding - Hello World - Part 5
- Assembly Language Programming and Shellcoding - Important Functions - Part 6
- Assembly Language Programming and Shellcoding – Important Functions – Part 7
- BOLO: Reverse Engineering — Part 1 (Basic Programming Concepts)
- BOLO: Reverse Engineering — Part 2 (Advanced Programming Concepts)
- When and how to use an assembler. Assembly programming basics.
- Assembly Language Succinctly
- Assembly Programming Exercises
- Intro Assembly Resources
- Compiler Explorer | See How Different Compilers Generate Assembly
- assembly - how to calculate this distance? - Reverse Engineering Stack Exchange
Windows RE
Courses
- CodeMachine - Training
- Möbius Strip Reverse Engineering
- Windows Internals Crash Course - YouTube
Kernel Stuff
Drivers
- Windows Drivers Reverse Engineering Methodology - VoidSec
- NVIDIA/open-gpu-kernel-modules: NVIDIA Linux open GPU kernel module source
- Debug Windows Drivers - Step-by-Step Lab (Echo Kernel Mode) - Windows drivers | Microsoft Docs
- Debug Universal Drivers - Step by Step Lab (Echo Kernel-Mode) - Windows 10 hardware dev
- CVE-2019-8372: Local Privilege Elevation in LG Kernel Driver - @Jackson_T
- (Windows Driver?) microsoft/msquic: Cross-platform, C implementation of the IETF QUIC protocol.
- GitHub - zodiacon/Recon2023: Recon 2023 slides and code
- Pavel Windows Kernel Programming samples | zodiacon/windowskernelprogrammingbook2e: Samples for the book Windows Kernel Programming, 2nd edition
- Windows-driver-samples/general/ioctl at main · microsoft/Windows-driver-samples · GitHub
- Windows-driver-samples/testapp.c at main · microsoft/Windows-driver-samples · GitHub
- WinIoCtlDecoder/WinIoCtlDecoder.py at master · tandasat/WinIoCtlDecoder
- System Service Descriptor Table - SSDT - Red Team Notes
- kernel windows msdn samples - Google Search
- Windows NT4 Kernel Source code
- An Introduction to Windows Kernel Debugging | Endgame
- Lord Of The Ring0 - Part 1 | Introduction - Ido Veltzman - Security Blog
- Lord Of The Ring0 - Part 2 | A tale of routines, IOCTLs and IRPs - Ido Veltzman - Security Blog
- Lord Of The Ring0 - Part 3 | Sailing to the land of the user (and debugging the ship) - Ido Veltzman - Security Blog
- Windows kernel driver static reverse using IDA and GHIDRA - vegvisir
- rabbitstack/fibratus - exploration and tracing of the Windows kernel
- Windows Kernel Heap: Segment heap in windows kernel Part 1 - Speaker Deck
Windows Internals Stuff
Dll Things
- Calling dll exported function in OllyDbg .dll debugging tutorial
- Debugging a DLL in IDA Pro – blank
- Dynamic-Link Library Best Practices - Win32 apps | Microsoft Docs
IIS Native Code HTTP Modules
- Structure of the Registry - Win32 apps | Microsoft Learn
- Analyzing Web Handler (*.ashx) | HTTP Handlers and HTTP Modules Overview | Microsoft Learn
- What Is An ASHX File Handler Or Web Handler
- Analyzing IIS Native-Code HTTP Modules 3 | Designing Native-Code HTTP Modules | Microsoft Learn
- Analyzing IIS Native-Code HTTP Modules 2 | IIS Modules Overview | Microsoft Learn
- Analyzing IIS Native-Code HTTP Modules | OilRig uses RGDoor IIS Backdoor on Targets in the Middle East
- Registering IIS Native-Code HTTP Modules w/ IIS | IIS Modules Overview | Microsoft Learn
Good Study Material
- GitHub - DebugPrivilege/InsightEngineering
MSDN Things
- Developer tools, technical documentation and coding examples | Microsoft Docs
- [MS-SAMR]: Generic ACCESS_MASK Values | Microsoft Docs
- Windows Data Types (BaseTsd.h) - Win32 apps | Microsoft Docs
- WaitForSingleObject function (synchapi.h) - Win32 apps | Microsoft Docs
- WaitForMultipleObjects function (synchapi.h) - Win32 apps | Microsoft Docs
- IMAGE_OPTIONAL_HEADER64 (winnt.h) - Win32 apps | Microsoft Docs
- IMAGE_OPTIONAL_HEADER32 (winnt.h) - Win32 apps | Microsoft Docs
- RUNTIME_FUNCTION (winnt.h) - Win32 apps | Microsoft Docs
- x64 exception handling | Microsoft Docs
- Operating System Version - Win32 apps | Microsoft Docs
- Getting the System Version - Win32 apps | Microsoft Docs
- GetSystemMetrics function (winuser.h) - Win32 apps | Microsoft Docs
- OSVERSIONINFOEXW (winnt.h) - Win32 apps | Microsoft Docs
- SYSTEM_INFO (sysinfoapi.h) - Win32 apps | Microsoft Docs
- GetProductInfo function (sysinfoapi.h) - Win32 apps | Microsoft Docs
- _OSVERSIONINFOEXW (wdm.h) - Windows drivers | Microsoft Docs
- RtlGetVersion function (wdm.h) - Windows drivers | Microsoft Docs
- OSVERSIONINFOEXA (winnt.h) - Win32 apps | Microsoft Docs
- Windows Data Types (BaseTsd.h) - Win32 apps | Microsoft Learn
- ZwMapViewOfSection function (wdm.h) - Windows drivers | Microsoft Learn
- NtCreateSection function (ntifs.h) - Windows drivers | Microsoft Learn
- PE Format - Win32 apps | Microsoft Learn
- x64 calling convention | Microsoft Docs
- _OSVERSIONINFOEXW (wdm.h) - Windows drivers | Microsoft Learn
- DPAPI | How to: Use Data Protection | Microsoft Learn
PE Stuff
PE Sections
- .pdata section windows - Structures contained in the .pdata section - Stack Overflow
- research32: Base relocation table
- pinvoke.net: IMAGE_EXPORT_DIRECTORY (Structures)
- PE relocation Table | MalwareID Unpacking Guide
TEB/PEB/TIB
- TEB and PEB – RvsEc0n
- Win32 Thread Information Block - Wikipedia
- Windows Structures | PEB | Vergilius Project | Home
- pics/binary/pe101/pe101.png at master · corkami/pics
- Twitter | Some indicators to recognize PE file manipulation
- Exploring the Portable Executable (PE) File Format - YouTube
- An In-Depth Look into Win32 Portable Executable File Format - Part 1
- A dive into the PE file format - Introduction - 0xRick’s Blog
- PE File Format
- trailofbits/pe-parse: Principled, lightweight C/C++ PE parser
- Peering Inside the PE: A Tour of the Win32 Portable Executable File Format | Microsoft Docs
- Protocol RE: Dead Packet Society
- Sector 876: Backdooring PE Files - Part 1
- Understanding the PE+ file format - Part 1 - YouTube
Useful Constants, Syscalls, & Other Important Numbers
Syscall Stuff
- Microsoft Windows System Call Table (NT/2000/XP/2003/Vista/2008/7/8/10)
- Windows WIN32K.SYS System Call Table (NT/2000/XP/2003/Vista/2008/7/8/10)
- Windows x86-64 WIN32K.SYS System Call Table (XP/2003/Vista/2008/7/2012/8/10)
- Understanding Syscalls: Direct, Indirect, and Cobalt Strike Implementation - d01a
- Windows Registry Constants - tcc/winreg.h at master · LuaDist/tcc · GitHub
- Module: Win32::Registry::Constants — Documentation for win32 (2.1.6)
- int32_min = 0xffffffff80000000
- Useful reference Windows Ports, Protocols, and System Services | Windows Ports, Protocols, and System Services - TechNet Articles - United States (English) - TechNet Wiki
- https://codemachine.com/downloads/win80/winnt.h
- [MS-DTYP]: Well-Known SID Structures | Microsoft Learn
- List of Device Driver Names | Hexacorn | Blog Week of Data Dumps, Part 1 – device names
- LANGID Windows Locals enum for quickly parsing malware language checks
- Language ID Enum for IDA | https://gist.githubusercontent.com/herrcore/22e820f1e8a99238070cd7c5b350261e/raw/e6afe13aefd028ff45af5e92b1dbf40d5a7d65ae/lang.h
Source Code and Useful API Docs
- ReactOS (open source Windows remake)
- NtDoc - The native NT API online documentation
- KERNELBASE Functions
Courses & Course Slides/Material
- Windows Internals Crash Course Slides
IPC
- Offensive Windows IPC Internals 1: Named Pipes · csandker.io
- RPC Internals - Offensive Windows IPC Internals 2: RPC · csandker.io
- Offensive Windows IPC Internals 3: ALPC · csandker.io
COM Stuff
- UAC bypass using CMSTPLUA COM interface
- Use-COM-objects-to-bypass-UAC/IARPUninstallStringLauncher.cpp at master · 3gstudent/Use-COM-objects-to-bypass-UAC
- Window Stations and Desktops – Pavel Yosifovich
- Windows 10 Desktops vs. Sysinternals Desktops – Pavel Yosifovich
- zodiacon Github (Pavel Yosifovich)- Good Windows Internals Tools
- Windows Internals Blog | de engineering
- Windows Internals Blog – Winsider Seminars & Solutions Inc.
- Mastering Windows Access Control: Understanding SeDebugPrivilege | Binary Defense
- Windows Internals | Windows Processes - HackTricks
- Windows Internals | FUNDAMENTAL WINDOWS PROCESSES. Hello friends. In this blog post I… | by Alparslan Akyıldız academy | Medium
- WoW64 internals - mindless-area
- CodeMachine - Windows RE Articles
- Pavel Yosifovich – Adventures in Coding, Internals and Learning
- Windows API Index (Windows)
- Geoff Chappell, Software Analyst
- Exploring Windows virtual memory management
- Visual Studio Documentation | Microsoft Docs
- Terminus Project
- howknows/awesome-windows-security-development: awesome-windows-security-development
- Applied Reverse Engineering: Exceptions and Interrupts - Reverse Engineering
- Tamas K Lengyel on Twitter: "@h0mbre_ @hardik05 You can use https://t.co/S1TNJ853pc, use windbg to set int3's to be the harness." / Twitter
- Hexacorn | Blog
- Finding Privilege Escalation Vulnerabilities in Windows using Process Monitor
- GitHub - ionescu007/clfs-docs: Unofficial Common Log File System (CLFS) Documentation
- Windows 11 Security Book
- Wumbobfuscation/Wumbobfuscation: Wumbo Windows Obfuscation. Details analysis and development of Windows OS obfuscation techniques for use in tool development.
- Part 2 - Reverse Engineering Basics - Windows x64 - ScriptDotSh
- Part 2-2 – Reverse Engineering – XOR encryption – Windows x64 - ScriptDotSh
- Part 2-3 – Reverse Engineering – Building Cracked Binaries – Windows x64 - ScriptDotSh
- Applied Reverse Engineering Series - Reverse Engineering
- 0xZ0F/Z0FCourse_ReverseEngineering: Reverse engineering focusing on x64 Windows.
- The Windows Restart Manager: How It Works Part 1
Linux RE
ELF File Stuff
- pics/binary/elf101/elf101-64.svg at master · corkami/pics
- ELF Walkthrough
- r0hi7/BinExp: Linux Binary Exploitation
- GitHub - 0xM3R/cgPwn: A lightweight VM for hardware hacking, RE (fuzzing, symEx, exploiting etc) and wargaming tasks
- BinExp/README.md at master · r0hi7/BinExp
- Anatomy of a Program in Memory | Many But Finite
- linux - How does ELF file format defines the stack? - Stack Overflow
- The Art Of ELF: Analysis and Exploitations | FlUxIuS' Blog
- Executable and Linkable Format - Wikipedia
- elf.pdf
- The ELF format - how programs look from the inside - Christian Aichinger's thoughts
- The 101 of ELF files on Linux: Understanding and Analysis - Linux Audit
- ELF Hello World Tutorial - Ciro Santilli
- ELF Binary Mangling Part 1 — Concepts | by 【☆ ゆう ☆ 】 | Medium
- Elf Binary Mangling Pt. 2: Golfin’ | by 【☆ ゆう ☆ 】 | Medium
- Elf Binary Mangling Part 3 — Weaponization | by 【☆ ゆう ☆ 】 | Medium
- Introduction to Executables | Binary Exploitation 0x00 - YouTube
- Introduction to the ELF Format : The ELF Header (Part I)
- The 101 of ELF files on Linux: Understanding and Analysis - Linux Audit
- ELF Executable and Linkable Format diagram by Ange Albertini.png - Wikimedia Commons
- Executable and Linkable Format 101 - Part 1 Sections and Segments - Intezer
- Executable and Linkable Format 101. Part 2: Symbols - Intezer
- Executable and Linkable Format 101 Part 3: Relocations - Intezer
- Executable and Linkable Format 101 Part 4: Dynamic Linking - Intezer
- ELF Tools
- Searchable Linux Syscall Table for x86 and x86_64 | PyTux
- compiler-gcc.h - include/linux/compiler-gcc.h - Linux source code (v5.4.72) - Bootlin
- Linux Capabilities: Why They Exist and How They Work
- Part 1 - Reverse Engineering Basics - Linux x64
- Part 1-2 – Reverse Engineering Password Protected Reverse Shells – Linux x64
- Part 3 - Reverse Engineering Basics - Linux on ARM64
- Part 3-2 - Reverse Engineering - Patching Binaries with Radare2 - ARM64 - ScriptDotSh
- How main() is executed on Linux LG #84
- Interactive map of Linux kernel
- GitHub - makelinux/linux_kernel_map: Linux kernel map
MacOS RE
- Firmware Keys/17.x - The Apple Wiki
Android RE
Tools
- JTrace - An Android Aware strace(1), and more
- Peek into the world of Android Virtualization | by Egidijus Lileika | May, 2023 | Medium
Books
Android Malware Handbook
- android-malware-ml-book (The Android Malware Handbook) · GitHub
- The Android Malware Handbook | No Starch Press
Courses
- Amazing Free Course! MOBISEC - Mobile Security Course
- Android App Reverse Engineering 101 | Learn to reverse engineer Android applications!
Videos
- Securing the System: A Deep Dive into Reversing Android Pre-Installed Apps - YouTube
- Android App Reverse Engineering 101 | Learn to reverse engineer Android applications!
- Android App Privacy Checker | εxodus
- Maddie Stone - Path to the Payload
- ConPresentations/Blackhat2019.SecuringTheSystem.pdf at master · maddiestone/ConPresentations
- Protecting Android users from 0-Day attacks
- Finding Phones With Google Maps Part 1 (Android) – The Binary Hick
iOS RE
- ivRodriguezCA/RE-iOS-Apps: A completely free, open source and online course about Reverse Engineering iOS Applications.
- Apple/MacOS/iOS Tools
- iphone - How do I download an iOS App (IPA) file to my Mac after iTunes 12.7 update? - Ask Different
- iPhone Setup for Reversing and Debugging
- How to Reverse Engineer and Patch an iOS Application for Beginners: Part I
- iOS_Reverse_Engineering RE Practice: The iOS IPA file Reverse Engineering reference
- Finding the Entrypoint of iOS Apps in Ghidra - YouTube
- Demangling Swift Symbols for Reverse Engineering - YouTube
Calling Conventions
Good Resources
- Stack frame layout on x86-64 - Eli Bendersky's website
- Journey to the Stack, Part I | Many But Finite
Linux
- assembly - What are the calling conventions for UNIX & Linux system calls (and user-space functions) on i386 and x86-64 - Stack Overflow
- Linux Syscall Conventions - The Definitive Guide to Linux System Calls - Packagecloud Blog
- WORTH READING - x86 Disassembly.pdf
- C Function Call Conventions, UMBC CMSC 313, Spring 2002
- Calling Conventions
- x86 In-Depth: CDECL Calling Convention Complete Tutorial - BONUS video - YouTube
- What are the calling conventions for UNIX & Linux system calls on i386 and x86-64 - Stack Overflow
- How Functions Work
- Calling conventions for different C++ compilers and OS
- x86 Disassembly/Calling Conventions - Wikibooks, open books for an open world
- x86-64bit-C Calling Convention-chapter.pdf
- x86 calling conventions - Wikipedia
- x86_64-abi-0.95.pdf
- Calling Conventions - OSDev Wiki
Other File Format/Protocol Stuff
File Formats
- corkami binary posters
- File Formats 101
Protocols (Network, Other)
- Network Protocols – Programmer's Compendium
- Network Protocol RE | Offensive Network Security -- Lectures
- List of file signatures - Wikipedia
- UDF - Universal Disc Format - OSDev Wiki
Data Structures
- Automatic Reverse Engineering of Data Structures from Binary Execution [PDF]
- Digging For Data Structures [PDF]
- TIE: Principled Reverse Engineering of Types in Binary Programs [PDF]
- MemPick: High-Level Data Structure Detection in C/C++ Binaries [PDF]
- Howard: a dynamic excavator for reverse engineering data structures [PDF]
Software Cracking
- CrackWatch
- Daily Releases (February 14, 2018) : CrackWatch
- CS.RIN.RU - Steam Underground Community • Index page
- [Crack Watch] Beginners Guide to Crack Watch : CrackWatch
- How the Dreamcast copy protection was defeated
Game Hacking
PwnAdventure
- PwnAdventure3 - Game Open-World MMORPG Intentionally Vulnerable To Hacks - KitPloit - PenTest Tools for your Security Arsenal ☣
- PwnAdventure3/re-mmorpg-troopers18.pdf at master · beaujeant/PwnAdventure3 · GitHub
- You Have to Hack This Massively Multiplayer Game to Beat It | WIRED
- GitHub - Vector35/PwnAdventureZ: NES zombie survival game made to be hacked
- Pwn Adventure 3: Pwnie Island
- Intro to Game Hacking
- Getting Started With Game Hacking: The Definitive Guide (Part 1)
- [Tutorial] Getting Started With Programming And Gamehacking
- [Tutorial] Make your own dll hack | [1] | Memory patching & Editing
- [Tutorial] CodeCave with OllyDbg
- [Information] Useful C++/Gamehacking/Programming for beginners threads - Mega thread
- Game Hacking: WinXP Minesweeper - Reverse Engineering - 0x00sec
- Finding and exploiting hidden features of Animal Crossing’s NES emulator | jamchamb.github.io
- /r/REGames
- Guided Hacking - YouTube
- stephen chapman - YouTube
- Learn to hack games with Squally
- Video Tutorial - Squally CS420 Game Hacking Course | Guided Hacking
- Bloog Bot - drewkestell.us
- Source Code - CSGO Aimbot Internal Using Reclass Like a Boss | Guided Hacking
- Counterstrike Global Offensive - UnKnoWnCheaTs - Multiplayer Game Hacks and Cheats
- Hacking a game with DLL injection [Game Hacking 101] - YouTube
- How I cut GTA Online loading times by 70%
- 247CTF - YouTube
- Introduction to Game Hacking! | muffin | Ax1al
- Reverse Engineering an old Mario & Luigi game for fun – CYBER GEEKS
- Game Hacking with Binary Ninja - Interrupt Labs
- Hacking TMNF: Part 1 - Fuzzing the game server | bricked.tech
- Hacking TMNF: Part 2 - Exploiting a blind format string | bricked.tech
- Guided Hacking
- GuidedHacking Courses
- Game Hacking - Video Game Patches
- GitHub - niemand-sec/AntiCheat-Testing-Framework: Framework to test any Anti-Cheat
- Video Game Anti Cheat Research Paper | https://repositorio-aberto.up.pt/bitstream/10216/142935/2/572983.pdf
- How We Wrote a Self-Hacking Game in C++ | by Zachary Canann | SquallyGame | Medium
Cryptography Stuff
- Basics of Cryptography Part I: RSA Encryption and Decryption
- jcryptool/doc: JCrypTool Documentation and Resources
- Base64 Decode and Encode - Online
- The Black Chamber - Chamber Guide
- PyCrypto API Documentation
- Crypto Primitives.pdf
- Elementary Number Theory.pdf
- Crypto and Privacy Village
- Introduction to encryption for embedded Linux developers - sergioprado.blog
Memory Layout & Virtual Memory Things
- Copy on Write & Known DLL's | GitHub - yo-yo-yo-jbo/virtual_memory_known_dlls
- Process Memory and Memory Corruption | Azeria Labs
- Memory Layout of C Programs - GeeksforGeeks
- Anatomy of a Program in Memory | Many But Finite
- Memory Management Glossary: B — Memory Management Reference 4.0 documentation
- Virtual address space - Wikipedia
- How does Memory Allocation work in Python (and other languages)? | by Anisha Jain | Data Driven Investor | Medium
- /r/Reverse Engineering
- Statically Rewriting x86 Binaries Without Heuristics (Paper and GitHub Sources) - ReverseEngineering
- Good RE Practice | learning-reverse-engineering: This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.
- Rewriting Functions in Compiled Binaries | Trail of Bits Blog
- A curated list of Assembly Language / Reversing / Malware Analysis -resources
- awesomereverse-engineering: List of awesome reverse engineering resources
HW Reverse Engineering (IoT, Game Consoles, Embedded Systems, etc)
Books and Research Papers
- Hacking the Xbox: An Introduction to Reverse Engineering
- PCB-RE: Tools & Techniques: Mr Keng Tiong Ng: 9781979331388: Amazon.com: Books
- Software-based Microarchitectural Attacks
- Project Zero: Exploiting the DRAM rowhammer bug to gain kernel privileges
- Precursor to Rowhammer.pdf
- How to become a Hardware Security Specialist – Sudhendu
- An Embedded Software Primer: Simon, David E.: 0785342615692: Amazon.com: Books
Reversing Integrated Circuits
- Reverse-engineering the adder inside the Intel 8086
- ULN2003 - practical example of «reading» microchip schematic : ZeptoBars
- How to crack open some computer chips and take your own die shots - ExtremeTech
- Universal asynchronous receiver-transmitter - Wikipedia
- Reading Silicon: How to Reverse Engineer Integrated Circuits - YouTube
- Reverse-engineering the carry-lookahead circuit in the Intel 8008 processor
Video Game Console Reversing
- fail0verflow :: ShofEL2, a Tegra X1 and Nintendo Switch exploit
- fail0verflow :: PS4 Aux Hax 1: Intro & Aeolia
- fail0verflow :: PS4 Aux Hax 2: Syscon
- fail0verflow :: PS4 Aux Hax 3: Dualshock4
- Hacking the PS4, part 1 - Introduction to PS4's security, and userland ROP
- Making a GameCube memory card editor with Raspberry Pi | jamchamb.github.io
- The weird and wonderful CIC
Reversing Protocols and Architectures
- Syonyk's Project Blog: Reverse Engineering the TEC-06 Serial Protocol
- Basics of UART Communication
- Universal asynchronous receiver-transmitter - Wikipedia
- Serial Peripheral Interface - Wikipedia
- i2c - Google Search
- Serial Communication in 8051
- SPI Bus Protocol
- I2C Protocol
- uart protocol - Google Search
- i2c protocol - Google Search
IoT/Embedded Systems & Car RE & Hacking
Books
- Hacking the Xbox: An Introduction to Reverse Engineering
Courses/Trainings
- Hardware Security | Coursera
- RPI - Hardware Reverse Engineering
- nand2tetris
- GT - Embedded Systems
- Hardware Hacking Workshop Online | Registration
- Firmware reverse engineering with Ghidra | AS.T - AdvancedSecurity.Training
- Introduction to Hardware Hacking and Reverse Engineering | AS.T - AdvancedSecurity.Training
Tools to Use
Logic Analyzers
- Logic Analyzers for like SPI - Google Search
- Logic Analyzers for like i2c - Google Search
- The IoT Hacker's Toolkit · System Overlord
- Analog Discovery 2 - National Instruments
- Syonyk's Project Blog: DSO138 Scope, Acrylic Housing Assembly, and USB Power
- RFID Thief v2.0 - scund00r
- newaetech/chipwhisperer: ChipWhisperer - the complete open-source toolchain for side-channel power analysis and glitching attacks
- ChipWhisperer® – NewAE Technology Inc.
- X-Ray Tool
- dediprog - chip dumping
- Beagle USB 12 Protocol Analyzer - Total Phase
- BeagleBoard.org - black
- DSLogic Plus – DreamSourceLab
- 8x Hook Clips – DreamSourceLab
- Organizer SOIC8 SOP8 Flash Chip IC Test Clips Socket Adpter Programmer BIOS + CH341A 24 25 Series EEPROM Flash BIOS USB Programmer Module (Double Clip+ USB) https://www.amazon.com/dp/B07R5LPTYM/ref=cm_sw_r_cp_apa_i_JdwWDbJ9C270H - Google Search
- FTDI Cable 5V - DEV-09718 - SparkFun Electronics
- GitHub - e-m-b-a/emba: emba - Embedded Analyzer
- HydraBus · open source multi-tool for anyone interested in learning/developping/debugging/hacking/Penetration Testing for basic or advanced embedded hardware.
- Flipper Zero — Portable Multi-tool Device for Geeks
- Binwalk replacement - unblob: Extract files from any kind of container formats
- Amazon.com: analog discover 2
- Oscilloscope Graphics Editor
- Terminal Access on routers via UART - theyhack.me
- rpilocator - Find Raspberry Pi Computers in Stock
- binarly-io/uefi_r2: Tools for analyzing UEFI firmware using radare2
- GitHub - hugsy/gdb-static: Public repository of static GDB and GDBServer
- gdbserver remote debugging - Google Search
- gdb - Cross debugging for ARM / MIPS ELF with QEMU/toolchain - Reverse Engineering Stack Exchange
- flashrom(8) - Linux man page
- flashrom
- flashrom: detect, read, write, verify and erase flash chips - Linux Man Pages (8)
- Bus Pirate - DP
- mkimage(1): make image for U-Boot - Linux man page
Firmware Stuff
- Introduction to Firmware Reversing - YouTube
- lowlevelprogramming-university: How to be low-level programmer
- Open Source Firmware - Tasmota
- Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot - VSS Blog
- Intro to Embedded RE Part 1: Tools and Series Overview - VSS Blog
- Intel, Lenovo and more hit by major BIOS security flaws | TechRadar
- FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares
- Hacking microcontroller firmware through a USB | Securelist
- Reverse Engineering Yaesu FT-70D Firmware Encryption | lander's posts
- Reverse Engineering Firmware: Linksys WAG120N – /dev/ttyS0
- 5-Min Tutorial: Lifting Firmware with the Bus Pirate – B-sides
- postmarketOS Low-Level: Tiny Steps Towards Liberating Bootloaders and Cellular Modem Firmware of MediaTek Phones
- Hacking Microcontroller Firmware through a USB | Securelist
- Breaking Bits
- https://media.defcon.org/DEF CON 27/DEF CON 27 presentations/DEFCON-27-Christopher-Roberts-Firmware-Slap.pdf
- Methods for Extracting Firmware from OT Devices for Vulnerability Research
- Reverse Engineering Firmware Primer - Paul's Security Weekly
Videos to learn from
- Hardware Hacking on Vimeo
- How safe is a Wifi Cloud Hub Router (from hackers)? - YouTube
- Secrets of the Nintendo CIC Chip - Early Cartridge Anti-Piracy | MVG - YouTube
- Intro to Hardware Reversing: Finding a UART and getting a shell - YouTube
- Introduction to U Boot Interaction and Hacking - YouTube
- Hacker's Guide to UART Root Shells - YouTube
- Samy Kamkar's Crash Course in How to Be a Hardware Hacker - YouTube
More IoT Device RE/VR
- Embedded Hardware Hacking 101 – The Belkin WeMo Link « Threat Research Blog | FireEye Inc
- Reverse Engineering My Home Security System: Decompiling Firmware Updates
- Practical Reverse Engineering Part 1 - Hunting for Debug Ports · Hack The World
- Rooting a Logitech Harmony Hub: Improving Security in Today's IoT World « Rooting a Logitech Harmony Hub: Improving Security in Today's IoT World | FireEye Inc
- Heart of Darkness - exploring the uncharted backwaters of HID iCLASS RFID reader security
- Pwning Home Router - Linksys WRT54G | Elon Gliksberg
- Reverse engineering my router's firmware with binwalk - #embeddedbits
- Pulling MikroTik into the Limelight — Margin Research
- unwyze - Wyze Cam Exploit
- Emulating IoT Firmware Made Easy: Start Hacking Without the Physical Device
- Turning Google smart speakers into wiretaps for $100k
- orbi hunting 0x0: introduction, UART access, recon | hyprblog
- orbi hunting 0x1: crashes in soap-api | hyprblog
- nday exploit: netgear orbi unauthenticated command injection (CVE-2020-27861) | hyprblog
Car Hacking
- jaredthecoder/awesome-vehicle-security: 🚗 A curated list of resources for learning about vehicle security and car hacking.
- Car Hacking 101: Practical Guide to Exploiting CAN-Bus using Instrument Cluster Simulator — Part I: Setting Up
- CAN Bus Explained - A Simple Intro (2021)
- linux-can/can-utils: Linux-CAN / SocketCAN user space applications
- How I Hacked my Car :: Programming With Style
- How I Hacked my Car Guides: Creating Custom Firmware :: Programming With Style
- Car Hacking | Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More | Sam Curry
Video Game Console RE
- fail0verflow :: ShofEL2, a Tegra X1 and Nintendo Switch exploit
- fail0verflow :: PS4 Aux Hax 1: Intro & Aeolia
- fail0verflow :: PS4 Aux Hax 2: Syscon
- fail0verflow :: PS4 Aux Hax 3: Dualshock4
- Hacking the PS4, part 1 - Introduction to PS4's security, and userland ROP
- Making a GameCube memory card editor with Raspberry Pi | jamchamb.github.io
- The weird and wonderful CIC
Unknown File RE Approaches
- Identifying Unknown Binary File - Recon 2016 - Breaking Band; reverse engineering and exploiting the shannon baseband
- How to reverse engineer a program written for an unknown processor
- disassembly - Reverse unknown undocumented architecture - a tough challenge - Reverse Engineering Stack Exchange
- binvis.io
- Embedded Devices Security Firmware Reverse Engineering
- REcon 2016 - Black box reverse engineering for unknown custom instruction sets (David Carne) - YouTube
- Building Custom Disassemblers Video
- Building Custom Disassemblers Slides
- firmware - lzma: File format not recognized [Details enclosed] - Reverse Engineering Stack Exchange
- How To Do Firmware Analysis. Tools, Tips, and Tricks | Pen Test Partners
- DGTEFF - XentaxWiki
- Recon2023 Tim Blazytko UnvelilingSecretsInBinaries - YouTube
Bootloader Stuff
- Bootloaders in Embedded Linux Systems | 7.1 Role of a Bootloader | InformIT
- Worlds Simplest Bootloader :: Bare Metal Programming Series 4 - YouTube
- Bootloaders.io
- Writing a Bootloader Part 1 | Alex Parker's Website
- Writing a Tiny x86 Bootloader - Joe Bergeron
- postmarketOS Low-Level: Tiny Steps Towards Liberating Bootloaders and Cellular Modem Firmware of MediaTek Phones
Emulation
- Arm/MIPS/x86 Emulation Platforms - PANDA.re
- QEMU v2 - PANDA.re
- wimpysworld/quickemu: Quickly create and run optimised Windows, macOS and Linux desktop virtual machines.
- Writing a simple x86 emulator with IDAPython | Shortjump!
- How to write an emulator (CHIP-8 interpreter) | Multigesture.net
- firmadyne/firmadyne: Platform for emulation and dynamic analysis of Linux-based firmware
- pr0v3rbs/FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
- FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
- Emulation Framework - qilingframework/qiling: Qiling Advanced Binary Emulation Framework
- GitHub - e-m-b-a/embark: EMBArk - The firmware security scanning environment
JTAG
- JTAG Explained (finally!): Why "IoT" Makers, Software Security Folks, and Device Manufacturers Should Care - Senrio
- grandideastudio/jtagulator: JTAGulator: Assisted discovery of on-chip debug interfaces
- Being Open Sourced | JTAGulator 24-Channel Hardware Hacking Tool - Parallax
- analyzing JTAG hex dumps - Google Search
- JTAG 'Hacking' the Original Xbox in 2023 | RET2 Systems Blog
Integrated Circuit (IC) RE/VR
- ULN2003 - practical example of «reading» microchip schematic : ZeptoBars
- How to crack open some computer chips and take your own die shots - ExtremeTech
- Universal asynchronous receiver-transmitter - Wikipedia
- Building Silicon Dreams: An Adventure in Hardware Design | Rayanfam Blog
- 34C3 - Reverse engineering FPGAs - YouTube
- Reverse engineering a simple CMOS chip - YouTube
- Application-Specific Integrated Circuits (ASICs) - Google Search
- Field Programmable Gate Arrays (FPGAs) - Google Search
- GPIO - Google Search
- Hackaday Supercon - Ken Shirriff : Studying Silicon: Reverse Engineering Integrated Circuits - YouTube
- Black Hat USA 2017 | IC Reverse Engineering 101
- Secrets of the Nintendo CIC Chip - Early Cartridge Anti-Piracy | MVG - YouTube
- 1 04 Reversing and Bypassing DRMHSM Dongles Jeremy Mill - YouTube
Reversing Protocols
- Syonyk's Project Blog: Reverse Engineering the TEC-06 Serial Protocol
- uart protocol - Google Search
- i2c protocol - Google Search
- Reverse Engineering Firmware: Linksys WAG120N – /dev/ttyS0
- 5-Min Tutorial: Lifting Firmware with the Bus Pirate – B-sides
- Hacking Microcontroller Firmware through a USB | Securelist
- Breaking Bits
- https://media.defcon.org/DEF CON 27/DEF CON 27 presentations/DEFCON-27-Christopher-Roberts-Firmware-Slap.pdf
- Forum - [GUIDE] The Beginners Guide to Using a CH341A SPI Programmer/Flasher (With Pictures!)
- Good Reverse Engineering Firmware Guide
- Practical Reverse Engineering Part 1 - Hunting for Debug Ports · Hack The World
- Practical Reverse Engineering Part 4 - Dumping the Flash · Hack The World
- US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-WP.pdf
- Data Sheet Search
- Alibaba - Possible Data Sheet Search
- Cisco Small Business RV Series Routers Vulnerabilities
- Reverse Engineer Router Firmware – Part 1 | SECFORCE
- BSidesPDX 2018 Workshop · chipsec/chipsec Wiki
- Decompress LZMA SquashFS: Firmware Mod Kit - Modify the Files in Firmware Binaries!
- Firmware Patching: Fixing the TEW-632BRP – /dev/ttyS0
- Reverse Engineering My Home Security System: Decompiling Firmware Updates
- Rooting a Logitech Harmony Hub: Improving Security in Today's IoT World « Rooting a Logitech Harmony Hub: Improving Security in Today's IoT World | FireEye Inc
- Heart of Darkness - exploring the uncharted backwaters of HID iCLASS RFID reader security
- Idle Network Activity of a Samsung TV - VnutZ Domain
- Cheap IoT Hacking? | SOHOpelesslyBroken
- FCCID Search: Information resource for all wireless device applications
- Help unpacking U-boot firmware - Reverse Engineering Stack Exchange
- Reversing Firmware Part 1
- Firmware Analysis for IoT Devices
- File Systems - eLinux.org
- UEFI firmware (in)security research - flothrone · GitHub
- IoT Firmware Exploitation Online | Registration
- Zero Day Initiative — MindShaRE: How to “Just Emulate It With QEMU”
- IoT & Product Security Blog | Bishop Fox
- Fuzzing Embedded Systems Using Debug Interfaces - CISPA
- bunnie's burrow
- bunnie's blog
- O.MG Cable
- Solder Skills Challenge - SMD Challenge from MakersBox on Tindie
- GPIO - Google Search
- Application-Specific Integrated Circuits (ASICs) - Google Search
- Field Programmable Gate Arrays (FPGAs) - Google Search
- Oscilloscope Graphics Editor
- Hack Correlation
- NAND Flash Data Recovery Cookbook
- Training offered by SecuringHardware.com • SecuringHardware.com
- Hands-On Hardware Hacking and Reverse Engineering Techniques
- Black Hat USA 2017 | Hands-on Hardware Hacking and Reverse Engineering
- BasicFUN Series Part 1: Hardware Analysis / SPI Flash Extraction
- samy kamkar - home
- samyk (Samy Kamkar) · GitHub
- Intro to SDR and RF Signal Analysis
- BasicFUN Series Part 1: Hardware Analysis / SPI Flash Extraction | Wrongbaud's Blog
- Hardware Debugging for Reverse Engineers Part 2: JTAG, SSDs and Firmware Extraction | Wrongbaud's Blog
- Build a Modern Computer from First Principles: From Nand to Tetris (Project-Centered Course) | Coursera
- Simple CPU v1
- Embedded Software Engineering 101 — Embedded
- Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers | Wrongbaud's Blog
- FPGA Embedded Design & Electronics for Developers
Vulnerability Research and Exploitation
Good Courses/Challenges/Blogs/Books
Sites/Blog Posts To Learn From
First Stop for Learning
Exploit Reversing
- Exploiting Reversing (ER) series: article 01 – Exploit Reversing
- Project Zero
- Exploits | ForrestOrr
- Isosceles Blog
- Exploit Equivalence Classes
- An Introduction to Exploit Reliability
- Low-Level Software Security for Compiler Developers
- How do I get started in vulnerability research? : ReverseEngineering
- Zero Day Initiative — VMware Exploitation through Uninitialized Buffers
- High-Level Approaches for Finding Vulnerabilities - @Jackson_T
- Project Zero - Monorail
- Travel blog of an evil transgirl: Reversing ALPC: Where are your windows bugs and sandbox escapes?
- Security Bulletins | Microsoft Docs
- Lexfo's security blog
- Cheat sheet - How Stack Pivots are used in Modern Exploits : ReverseEngineering
- Extracting a 19 Year Old Code Execution from WinRAR - Check Point Research
- Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
- Hackers Hut: Local root exploits
- Heartbleed - Wikipedia
- Troy Hunt: Everything you need to know about the Heartbleed SSL bug
- Project Zero: The Fully Remote Attack Surface of the iPhone
- Don't Follow The Masses: Bug Hunting in JavaScript Engines | Bluefrostsecurity
- Escaping the Chrome Sandbox via an IndexedDB Race Condition | Bluefrostsecurity
- Project Zero: Down the Rabbit-Hole...
- Vulnerability Reports || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
- oss-security mailing list
- j00ru//vx tech blog
- Who's afraid of a big bad optimizing compiler? [LWN.net]
- Hunting for filesystem bugs
- Trinity: PSP Emulator Escape | TheFloW’s security blog
- command injection - TP Link
- 8 zero-day vulnerability, with a novel way to bypass common antiviruses self-protection and CVE-2020-16902 patch bypass.
- Project Zero: Introducing the In-the-Wild Series
- str::repeat - stable wildcopy exploit | str_repeat_exploit
- _hyp3ri0n's Hacking Journal
- NotQuite0DayFriday/2021.01.29-nitro at trunk · grimm-co/NotQuite0DayFriday · GitHub
- Intezer - How We Escaped Docker in Azure Functions
- Applying Offensive Reverse Engineering to Facebook Gameroom — spaceraccoon.dev
- Project Zero: Déjà vu-lnerability
- Offensive API Hooking | Ilan Kalendarov
- Don't Share Your $HOME with Untrusted Guests – Zero Day Engineering Blog
- offensive-security/exploitdb-papers: exploit-database-papers
- From Binary Patch to Proof-of-concept: a VMware ESXi vmxnet3 Case Study – Zero Day Engineering Blog
- Testing and exploiting Java Deserialization in 2021 | by AFINE | Medium
- Project Zero: How a simple Linux kernel memory corruption bug can lead to complete system compromise
- Project Zero: Taming the wild copy: Parallel Thread Corruption
- [Qemu-devel] Stack Overflow: rocker: fix an incorrect array bounds check
- GSOh No! Hunting for Vulnerabilities in VirtualBox Network Offloads - SentinelOne
- Project Zero: This shouldn't have happened: A vulnerability postmortem
- Finding a VMware vCenter Kernel 0day using Static Reverse Engineering — Signal Labs
- Project Zero: 2022 0-day In-the-Wild Exploitation…so far
- CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware - SentinelOne
- An Oral History of Binary Exploitation Defenses | The Taggart
- GitHub - HuskyHacks/binary-exploitation-defenses-tsar: Code for An Oral History of Binary Exploitation Defenses
- Home | CVE North Stars
- Introducing CVE North Stars | clearbluejar
- clearbluejar
Books
- The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
- Hacking: The Art of Exploitation, 2nd Edition
- Amazon.com: Windows Internals, Part 1: System architecture, processes, threads, memory management, and more (7th Edition)
- Amazon.com: Windows Internals, Part 2 (6th Edition) (Developer Reference)
- Books to Learn Computer Security
Courses
- RPISEC - Modern Binary Exploitation
- Fall 2020 - Georgia Tech Information Security Lab Course
- Modern Binary Exploitation - Spring 2015
- RPISEC INTROSEC - Command Line
- RPISEC INTROSEC - Steganography
- CNIT 127: Exploit Development -- Sam Bowne
- Violent Python and Exploit Development
- Exploits1
- SEED Project
- Basic General Vulnerability Course
- NYU Tandon VR and Pen Test Course
- Good Intro to VR - George Mason Security Lab - Google Drive
- Exploits2
- Offensive IoT Exploitation | Attify Store
- Program Analysis - Course+Overview.pdf
- Offensive Software Exploitation (OSE) Course | exploitation-course
- Training: "Hypervisor Vulnerability Research" - Zero Day Engineering
External Training
- Trainings | RET2 Systems
- Training :: Exodus Intelligence
- Android Internals & Others
- Tactical Network Solutions | IoT Security Training
- Windows Internals & Rootkits | Graceful Bits
- OSEE: Collection of things made during my preparation to take on OSEE
- Adversary Tactics: Tradecraft Analysis | SpecterOps
- Adversary Tactics: Vulnerability Research for Operators | SpecterOps
- Adversary Tactics: Red Team Operations | SpecterOps
- DUASYNT Trainings - Exploitation and Reverse Engineering
- Mini-classes: VULNDEV 102 - Zero Day Engineering Training
- Program Analysis Training — Möbius Strip Reverse Engineering
- INFILTRATE - Security Conference | 2020
- Signal Labs - VR & CNO Dev Training
Videos to learn from
- LiveOverflow - Binary Hacking (exploit exercises)
- How To Hack: Episode 1 - Trampoline Stack Smash - YouTube
- Buffer overflow on a modern system impossible? stack0: part 1 - bin 0x21 - YouTube
- Spectre and Meltdown attacks explained understandably - YouTube
- OS haxx0ring: Local root exploit via partial munmap() kernel flaw - YouTube
- Binary diffing for beginners - Finding vulnerabilities by patch diffing in Damn Vulnerable C Program - YouTube
- "Hypervisor Vulnerability Research: State of the Art" - YouTube
Wargames
- Ret2 WarGames
- Deus x64 - WarGames
- Exploit-Exercises: Protostar (v2) ~ VulnHub
- Exploit Education :: Andrew Griffiths' Exploit Education
- OverTheWire: Narnia - Basic Exploitation
- OverTheWire: Behemoth - Common Coding Mistakes
- OverTheWire: Utumno - Intermediate Difficulty Wargame
- OverTheWire: Maze - Exploitation/Programming/RE Wargame
- OverTheWire: Vortex | Good for Binary Exploitation
- OverTheWire: Semtex - Exploitation and RE
- io.netgarage.org
- SmashTheStack Wargaming Network
- CSAW 365
- Root Me | x86 Challenges
- zardus/wargame-nexus: A sorted and updated list of security wargame sites.
- pwnable.kr - various pwn challenges regarding system exploitation
- pwnable.tw - wargame site for hackers to test and expand their binary exploiting skills.
- Ret2: Deus x64 - a series of increasingly difficult computer security challenges
- Security Training Reimagined | RET2 WarGames
- Welcome to pwn.college! | pwn.college
- 0xbadc0ded - Old Pwnable Challenges
CVEs to Review
- Linux CVE DB
- Analysis of a Chrome Zero Day: CVE-2019-5786 | McAfee Blogs
- One more Steam Windows Client Local Privilege Escalation 0day
- Analysis of CVE-2019-0708 (BlueKeep) - MalwareTech
- sp0re/Nhttpd-exploits - Sp0re's Git
- Chrome Browser Exploitation Training | CVE_2019_5782.js
- 0vercl0k/CVE-2019-11708: Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.
- 0patch Blog: Did Microsoft Just Manually Patch Their Equation Editor Executable? Why Yes, Yes They Did. (CVE-2017-11882)
- HOT Crypto32.dll Vuln Exploiting the Windows CryptoAPI Vulnerability | Trail of Bits Blog
- CVEs - Systems Software and Security Lab
- CVE-2020-16898 – Exploiting “Bad Neighbor” vulnerability : pi3 blog
- Article: K03009991 - iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986
- 2132 - F5 Big IP - ASM stack-based buffer overflow in is_hdr_criteria_matches - project-zero
- 2126 - F5 Big IP - TMM uri_normalize_host infoleak and out-of-bounds write - project-zero
- RCE CVE on Mouse Trap | Axel Persinger’s Blog
- Feral Terror vulnerability (some NETGEAR smart switches) [UPDATED] - gynvael.coldwind//vx.log
- Twitter
- GitHub - afwu/PrintNightmare
- Anatomy of an Exploit: RCE with CVE-2020-1350 SIGRed
- chompie1337/SIGRed_RCE_PoC
- Qualys Research Nominated for Pwnie Awards 2021 | Qualys Security Blog
- 1989130 – (CVE-2021-3673) CVE-2021-3673 radare2: improper input validation can lead to resource exhaustion when reading LE binary
- Kernel Pwning with eBPF: a Love Story
- Critical 9.9 Vulnerability In Hyper-V Allowed Attackers To Exploit Azure - Guardicore
- GitHub - lockedbyte/CVE-2021-40444: CVE-2021-40444 PoC
- Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit
- CVE - CVE-2021-41073
- Sudoers Bug | Oss-security - Sudo: CVE-2019-14287
- Full Disclosure Mailing List
- Zero Day Initiative — CVE-2019-0708: A Comprehensive Analysis of a Remote Desktop Services Vulnerability
- Really good intro to vuln research | An Exercise in Dynamic Analysis – Winsider Seminars & Solutions Inc.
- Vulnerabilities 1001: C-Family Software Implementation Vulnerabilities | OpenSecurityTraining2
- OWASP Code Review Guide | OWASP Foundation
- Code Review Stuff | OSWE/AWAE Preparation · Z-r0crypt
- Awesome Exploit List
- h4cker/exploit_development at master · The-Art-of-Hacking/h4cker
- GitHub - farazsth98/hypervisor_exploit_templates: Some notes + templates that you can use in your hypervisor research, either for full exploits, or to verify / falsify any assumptions you may make while auditing code.
- Intro Exploit Dev Resources
- on-pwning - Interesting Pwn Articles
- Vulncode-DB
- Eli Bendersky's website
- scwuaptx/HITCON-Training: For Linux binary Exploitation
- SEED Project
- Exploits Database by Offensive Security
- PoC-in-GitHub: 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
- packetstorm-exploits
- offensive-security/exploitdb: The official Exploit Database repository
- Using ProcMon to find vulnerabilities - VulWiki
- 0day POC Exploits
- GitHub - hardik05/Damn_Vulnerable_C_Program: a c program containing vulnerable code for common types of vulnerabilities, can be used to show fuzzing concepts.
Exploit Development/Shellcoding Stuff
Tools
- pwntools Documentation
- Installation — pwntools 3.12.0 documentation
- Exploit Development with AFL, PEDA and PwnTools
- GitHub - Gallopsled/pwntools: CTF framework and exploit development library
- Weaponization of Nessus Plugins
- merrychap/shellen: Interactive shellcoding environment to easily craft shellcodes
- 0xdea/tactical-exploitation: Modern tactical exploitation toolkit.
- Payload Generation using SharpShooter – MDSec
- mdsecactivebreach/SharpShooter: Payload Generation Framework
- Art of Anti Detection 3 – Shellcode Alchemy – Pentest Blog
- ASCII to Hex | Text to Hex Code Converter
- bitdefender/bddisasm: bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
- pwntester/ysoserial.net: Deserialization payload generator for a variety of .NET formatters
- pwntools — pwntools 4.3.1 documentation
- hobbits: A multi-platform GUI for bit-based analysis, processing, and visualization
- slimm609/checksec.sh: Checksec.sh
Courses & Videos
- CNIT 127: Exploit Development -- Sam Bowne
- Offensive Computer Security 2014 - Lecture 02
- Stephen Sims on Twitter: "Zero to Hero: The process of reversing and exploiting complex vulnerabilities! https://t.co/TvQsPzhNGH" / Twitter
POC's
- HTTP Protocol Stack Remote Code Execution Vulnerability - CVE-2022-21907: Windows HTTP protocol stack remote code execution vulnerability CVE-2022-21907
- A curated list of CVE PoCs.
- PoC-in-GitHub/2021 at master · nomi-sec/PoC-in-GitHub
- poc/Microsoft at master · tenable/poc
- Vulnerability Database 🛡
- Bugtraq
- parallels vm escape - Proof-of-Concept
Exploit Primitives
Write What Where
- Exploit Development – Write what where (Protostar Heap1) | Failing Silently
- FuzzySecurity | Windows ExploitDev: Part 11
- Write-What-Where-Double exploit primitive - Google Search
- GitHub - redcanaryco/exploit-primitive-playground
Linux Specific Tutorials
- Intermediate Level Linux Exploitation
- Intro Binary Hacking Course - LiveOverflow
- Open Security - Intro to Software Exploits for Linux
- Linux (x86) Exploit Development Series – sploitF-U-N
Windows Exploit Development Tutorials
Fuzzy Security Tutorials
- ExploitDev: Part 1 - Intro to Exploit Development
- ExploitDev: Part 2 - Saved Return Pointer Overflowing
- ExploitDev: Part 3 - Structured Exception Handler (SEH)
- ExploitDev: Part 4 - Egg Hunters
- ExploitDev: Part 5 - Unicode
- ExploitDev: Part 6 - Win32 Shellcode
- ExploitDev: Part 7 - ROP
- ExploitDev: Part 8 - Heap Spraying
- ExploitDev: Part 9 - Heap Spray - Use After Free (UAF)
- ExploitDev: Part 10 - Kernel Exploitation - Stack Overflow
- ExploitDev: Part 11 - Kernel Exploitation - Write-What-Where
- ExploitDev: Part 12 - Kernel Exploitation - Null Pointer Dereference
- ExploitDev: Part 13 - Kernel Exploitation - Uninitialized Stack Variable
- ExploitDev: Part 14 - Kernel Exploitation - Integer Overflow
- ExploitDev: Part 15 - Kernel Exploitation - Use After Free (UAF)
- ExploitDev: Part 16 - Kernel Exploitation - Pool Overflow
- ExploitDev: Part 17 - Kernel Exploitation - GDI Bitmap Abuse
- ExploitDev: Part 18 - Kernel Exploitation - RS2 Bitmap Necromancy
- ExploitDev: Part 19 - Kernel Exploitation - Logic bugs in Razer rzpnk.sys
- leesh3288/WinPwn: Windows Pwnable Study
- Awesome Windows CTF | zaratec
- A curated list of Windows Exploitation resources
- Introduction to Windows Kernel Driver Exploitation (Pt. 1)
- Starting with Windows Kernel Exploitation – part 1 – setting up the lab | hasherezade's 1001 nights
- Open Security Videos - Intro to Windows Exploits
- Open Security - Intro to Windows Exploits
- GitHub - smgorelik/Windows-RCE-exploits: The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samples are uploaded for education purposes for red and blue teams.
- Windows exploitation - FullPwn Security Operations
- Win32k NULL-Pointer-Dereference Analysis by Matching the May Update - 小刀志
- Exploiting a “Simple” Vulnerability – In 35 Easy Steps or Less! – Winsider Seminars & Solutions Inc.
- Basics of Windows shellcode writing | Ring 0x00
Shellcoding
Books
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes
Blog Posts to Learn From
- Getting ready for Assembly Language Programming – Part 1
- Getting ready for Assembly Programming – Anatomy of Intel Processor - Part 2
- Getting started with Assembly language programming - End of theory - Part 3
- Assembly Language Programming and Shellcoding - Lab setup and some important things - Part 4
- Assembly Language Programming and Shellcoding - Hello World - Part 5
- Assembly Language Programming and Shellcoding - Important Functions - Part 6
- Assembly Language Programming and Shellcoding – Important Functions – Part 7
- bdshemu: The Bitdefender shellcode emulator | Hypervisor Memory Introspection
- Shellcoding for Linux and Windows Tutorial
- How to write a (Linux x86) egg hunter shellcode | Adventures in the programming jungle
- Shellcode Injection - Dhaval Kapil
- Linux Shellcoding (Part 1.0) - Exploit Development - 0x00sec - The Home of the Hacker
- M34_The_Art_of_Writing_Shellcode.pdf
- Phrack | how to turn any code into alphanumeric code
- Shellcode limitations - Wikipedia
- Phrack | Bypassing Unicode Translation That Adds Null Bytes
- How to Execute Shellcode - Wikipedia
- English Text Shellcode.pdf
- Shell-storm Mirror | A collection of shellcode, ripped straight from the shell-storm database. We host this just for easy access, since shell-storm cannot be reached within the Academy's Internet.
- 0x2a0 Writing Shellcode
- Exploit Database Shellcodes
- Linux/x64 - execve(/bin/sh) Shellcode (34 bytes) - Linux_x86-64 shellcode Exploit
- Part 3: Execve Shellcode | NekoSecurity
- execve(2) - Linux manual page
- Online x86 and x64 Intel Instruction Assembler
- Linux/x86 - execve(/bin/sh) + Socket Re-Use Shellcode (50 bytes) - Linux_x86 shellcode Exploit
- Writing ARM Shellcode | Azeria Labs
- SHORT x86 SHELLCODE - nibbler writeup - Trickery Index
Exploit Databases
- Exploits Database by Offensive Security
Buffer Overflow/Memory Corruption
GOT/PLT Overwriting (Global Offset Table and Procedure Linkage Table)
- GOT and PLT for pwning. · System Overlord
- Binary Exploitation | GOT
- How is glibc loaded at runtime? | Dustin Schultz — Pluralsight Author & Principal Software Engineer
- Position Independent Code (PIC) in shared libraries - Eli Bendersky's website
- Memory Corruption 101 - NYU Poly 2011
- Exploit writing tutorial part 1 : Stack Based Overflows | Corelan Team
- Linux ExploitDev: Part 3 - Buffer Overflow
- 0x7 Exploit Tutorial: Bad Character Analysis
- 0x0 Exploit Tutorial: Buffer Overflow – Vanilla EIP Overwrite
- 0x3 Exploit Tutorial: Buffer Overflow – SEH Bypass
- Binary Exploitation ELI5– Part 1 –Stack/Buffer Overflow/Ret2Libc
- Binary Exploitation ELI5 — Part 2 – Bypass Stack Mitigations
- Speedrun Hacking Buffer Overflow - speedrun-001 DC27 - YouTube
- Variations in Exploit Methods Between Linux and Windows
- Recreating exploits - Disk Pulse Enterprise 9.9.16 - Remote Buffer Overflow (SEH) - Zero Aptitude
Mitigation Techniques and Bypasses
ASLR (info leaks/format string exploits)
Format String Exploitation
- Introduction to format string exploits
- Linux ExploitDev: Part 2 - Format String Exploit
- Demo3A - Format String Vulnerability and Exploit Variant - YouTube
- Demo3 - Format String Vulnerability and Exploit - YouTube
- CNIT 127 Ch 4: Introduction to format string bugs - YouTube
- Format Strings Exploitation Tutorial
- Format string attack - OWASP
- Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150) - YouTube
- Defeating ASLR With a Leak
- Binary Privilege Escalation in x64. Defeating ASLR with Leaks · Jorge Lajara
- PLT and Bypassing ASLR – Part I – sploitF-U-N
- Exploit Mitigation Techniques - Address Space Layout Randomization (ASLR) - Exploit Development - 0x00sec - The Home of the Hacker
- ASLR on Memory Mapping.pdf
- Binary Exploitation Series (5): How to leak data? - made0x78 Security
Stack Canaries
- Canary Bypass - Greyshell's Diary
- Binary Exploitation Series (6): Defeating Stack Cookies - made0x78 Security
- Canaries/Cookies - Nightmare
- Stack Canaries - 0x00sec
- Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR | Corelan Team
- picoCTF Write-up ~ Bypassing ASLR via Format String Bug - Exploit Development - 0x00sec - The Home of the Hacker
Windows CFG
- Control Flow Guard - Windows applications | Microsoft Docs
- Exploring Control Flow Guard in Windows 10
- Windows 10 Exploit Protection system-level mitigation, Control flow guard (CFG), must be on.
Shadow Stack Bypass
- Bypassing Return Flow Guard (RFG) – Eyal Itkin
- Return Flow Guard – Tencent Security Xuanwu Lab
RelRO
- Hardening ELF binaries using Relocation Read-Only (RELRO)
- RELRO: RELocation Read-Only - Julian Cohen - Medium
- RELRO - A (not so well known) Memory Corruption Mitigation Technique
- RELRO: RELocation Read-Only – OSIRIS Lab at NYU Tandon
- RELRO - Nightmare
- Binary Exploitation Series (7): Full RelRO Bypass - made0x78 Security
- Binary Exploitation ELI5 — Part 2 – Bypass Stack Mitigations
- aslur/offensivecon-talk.pdf at master · blackzert/aslur · GitHub
- asia-18-Marco-return-to-csu-a-new-method-to-bypass-the-64-bit-Linux-ASLR-wp.pdf
- Exploitation Mitigation Techniques · isislab/Project-Ideas Wiki
- Bypassing ASLR – Part II – sploitF-U-N
- Bypassing ASLR – Part III – sploitF-U-N
- Epilogues, Canaries, and Buffer Overflows | Many But Finite
- Stack Canary - PicoCTF
- Stack Canary - Pico 2018
- CTF Series : Binary Exploitation — tech.bitvijays.com
- Windows Internals | Understanding Windows security mitigations - Security Blog
- Make Stack Executable again
- Exploit Mitigation Techniques - Stack Canaries - Exploit Development - 0x00sec - The Home of the Hacker
- Bypassing ASLR – Part I – sploitF-U-N
- Introducing Falcon Hardware Enhanced Exploit Detection | CrowdStrike
Format String Exploitation
- Introduction to format string exploits
- Linux ExploitDev: Part 2 - Format String Exploit
- Demo3A - Format String Vulnerability and Exploit Variant - YouTube
- Demo3 - Format String Vulnerability and Exploit - YouTube
- CNIT 127 Ch 4: Introduction to format string bugs - YouTube
- Format Strings Exploitation Tutorial
- Format string attack - OWASP
Return Oriented Programming (ROP)
- ROPgadget
- ExploitDev: Part 7 - ROP
- ROP Emporium
- ropchain | @kvakil
- SROP | Signals, you say? - Exploit Development - 0x00sec - The Home of the Hacker
- Learn ROP through a short series of practical challenges : netsec
- ROPping to Victory
- Hacking the PS4, part 1 - Introduction to PS4's security, and userland ROP
- 0vercl0k/rp: rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. It is open-source and has been tested on several OS: Debian / Windows 8.1 / Mac OSX Lion (10.7.3). Moreover, it is x64 compatible and supports
- Notes/ret2libc.txt at master · Malformation/Notes
- libc - offset - 64-bit Linux stack smashing tutorial: Part 3
- ret2libc.pdf
- Binary Exploitation ELI5 — Part 3 – ROP/Heap Spray
- rop emporium - callme64
- Dive into ROP - a quick introduction to Return Oriented Programming
- Demo6A - Return-Oriented Programming Exploit with ROPgadget 64-bit Variant - YouTube
- Demo6 - Return-Oriented Programming Exploit with ROPgadget - YouTube
- Demo5 - Return-Into-Libc Exploit - YouTube
- h4cker/exploit_development at master · The-Art-of-Hacking/h4cker
- Buffer Overflow Practical Examples , ret2libc - protostar stack6 | 0xRick Owned Root !
- acama/xrop: Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC
- Return Oriented Programming (ROP) Exploit Explained | Rapid7
- Intro to ROP: ROP Emporium — Split - I See Thieves - Medium
- A Simple ROP Exploit – /bin/sh via syscall | Failing Silently
- ROP - HandsOn | Offensive Computer Security 2014
- Introduction to return oriented programming (ROP)
- Return Oriented Programming
- 64-bit Linux Return-Oriented Programming
- ret2csu - A Return Oriented Programming Technique | Batcave - Infosec Blog
Heap Exploitation
- Heap Exploitation · GitBook
- Windows Kernel Exploitation Tutorial Part 7: Uninitialized Heap Variable - rootkit
- sec18-heelan.pdf
- Recommended - shellphish/how2heap: A repository for learning various heap exploitation techniques.
- GT - github - heap-exploitation: Book on heap exploitation; a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure
- ExploitDev: Part 8 - Heap Spraying
- ExploitDev: Part 9 - Heap Spray - Use After Free (UAF)
- Linux ExploitDev: Part 4 - Use After Free (UAF)
- Binary Exploitation ELI5 — Part 3 – ROP/Heap Spray
- Demo8 - Heap Spray Example - YouTube
- CNIT 127 Ch 5: Introduction to heap overflows - YouTube
- Heap Exploitation Part 1: Understanding the Glibc Heap Implementation | Azeria Labs
- Heap Exploitation Part 2: Understanding the Glibc Heap Implementation | Azeria Labs
- Heap BINARY EXPLOITATION w/ Matt E! - YouTube
- xu:collision.pdf
- Heap Exploitation ~ Abusing Use-After-Free - Exploit Development - 0x00sec - The Home of the Hacker
- thread local caching in glibc malloc · Online tukan sanctuary
- Once Upon a free()
- Mathy Vanhoef, PhD: Understanding the Heap & Exploiting Heap Overflows
- dlmalloc: A Memory Allocator
- Understanding the Heap by Breaking it
- How to Perform Clipboard Forensics: ActivitiesCache.db, Memory Forensics and Clipboard History
- Glibc Adventures: The Forgotten Chunks | Context Information Security UK
- Bugtraq: The Malloc Maleficarum
- Phrack - Malloc Des-Maleficarum
- Phrack - w00w00 on heap overflows
- Phrack - vudu malloc tricks
- 13.5 Heap Overflows :: Chapter 13. Application-Level Risks :: Network security assessment :: Networking :: eTutorials.org
- Understanding glibc malloc – sploitF-U-N
- The Heap: How do use-after-free exploits work? - bin 0x16 - YouTube
- Unsorted bin attack - CTF Wiki
- ctf/0ctf/pwn/babyheap at master · guyinatuxedo/ctf
- Glibc Heap Exploitation Basics : Introduction to ptmalloc2 internals (Part 1)
- Glibc Heap Exploitation Basics : ptmalloc2 internals (Part 2) - Fast Bins and First Fit Redirection
- children_tcache writeup and tcache overview - Eternal Stories
- Heap Exploit Development | Azeria Labs
- How a double-free bug in WhatsApp turns to RCE - Home
- Double Free · Heap Exploitation
- Understanding the Heap & Exploiting Heap Overflows
- 10_lecture.pdf
- Heap Exploitation - CTF 101
- x64 glibc heap exploitation techniques on Linux
- UAF - PlaidCTF 2020 Writeups
- SensePost | Linux heap exploitation intro series: used and abused – use after free
- Linux Heap Exploitation - Part 1 | Udemy
- Exploiting a textbook use-after-free in Chrome - GitHub Security Lab
- Unlink Exploit - heap-exploitation
- Tut09-02: Exploiting Heap Allocators - CS6265: Information Security Lab
- Tut09-2: Exploiting Heap Allocators - YouTube
- MallocMaleficarum.txt ≈ Packet Storm
- Hackers Hut: Exploiting the heap
- GT - mdbook - heap-exploitation: Book on heap exploitation; a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure
- oss-sec: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)
- CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit) | Qualys Security Blog
- Filippo Valsorda 💚🤍❤️ ✊ on Twitter: "Exploitable heap overflow in libgcrypt 1.9.0 (┛ಠ_ಠ)┛彡┻━┻ It's the crypto library that gpg uses. Homebrew has 1.9.0 right now. 🚨 https://t.co/obYrz5b7z0" / Twitter
- Linux Heap Exploitation - Part 2 | Udemy
- GitHub - DhavalKapil/heap-exploitation: This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure. https://heap-exploitation.dhavalkapil.com/
- A Memory Allocator
- AirGap2020.10: Modern Linux Heap Exploitation - Dr. Silvio Cesare - YouTube
- Analysis of a Heap Buffer-Overflow Vulnerability in Adobe Acrobat Reader DC - Exodus Intelligence
- GitHub - stong/how-to-exploit-a-double-free: How to exploit a double free vulnerability in 2021. 'Use-After-Free for Dummies'
- Overview of GLIBC heap exploitation techniques
- The toddler’s introduction to Heap Exploitation, Unsafe Unlink(Part 4.3) | by +Ch0pin🕷️ | InfoSec Write-ups
- The toddler’s introduction to Heap exploitation (Part 1) | by +Ch0pin🕷️ | InfoSec Write-ups
Linux Kernel Exploitation
- Learning Linux kernel exploitation - Part 1 - Laying the groundwork
- Vegard Nossum on Twitter: "Not sure if this is widely known, but you can go to https://t.co/J2CxmfxDSR and click on any file and line in the kernel that syzkaller/syzbot knows how to reach and it will give you the smallest testcase that reaches it. https://t.co/uaf3QXswmB" / Twitter
- syzkaller/reproducing_crashes.md at master · google/syzkaller
- https://storage.googleapis.com/syzkaller/cover/ci-qemu-upstream.html
- Richard Johnson on Twitter: "TIL, need to repro a Linux kernel bug? Generate the initial code to get you close with syzbot!" / Twitter
- Linux Kernel CVEs | All CVEs
- Writing a Linux Kernel Remote in 2022
- Module: Kernel Security | pwn.college
- (nearly) Complete Linux Loadable Kernel Modules
- Linux Kernel Exploitation: Earning Its Pwnie a Vuln at a Time
- Phrack - Attacking the Core: Kernel Exploitation
- Understanding the Linux Kernel, Third Edition - Amazon.com
- A Guide to Kernel Exploitation: Attacking the Core - Amazon.com
- Linux Device Drivers - Amazon
- FuzzySecurity | Windows ExploitDev: Part 19
- Defcon 27
- ASUS Drivers Elevation of Privilege Vulnerabilities | SecureAuth
- GIGABYTE Drivers Elevation of Privilege Vulnerabilities | SecureAuth
- Weaponizing vulnerable driver for privilege escalation— Gigabyte Edition!
- A Guide to Kernel Exploitation: Attacking the Core: Enrico Perla B.Sc. Computer Science University of Torino M.Sc. Computer Science Trinity College Dublin, Massimiliano Oldani: 9781597494861: Amazon.com: Books
- A bunch of Linux kernel exploitation resources
- Exploiting a Linux kernel vulnerability in the V4L2 subsystem
- Conference Talks | Alexander Popov
- hacksysteam/HackSysExtremeVulnerableDriver: HackSys Extreme Vulnerable Windows Driver
- Linux Kernel Adventures: Reversing & Exploiting a Linux Driver
- [Linux Kernel Exploitation 0x0] Debugging the Kernel with QEMU
- Lexfo's security blog - CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 1/4)
- [Linux Kernel Exploitation 0x1] Smashing Stack Overflows in the Kernel
- ctf-pwns/kernel/spark at master · BrieflyX/ctf-pwns
- Kernel Reving
- New Old Bugs in the Linux Kernel
- One day short of a full chain: Part 1 - Android Kernel arbitrary code execution - GitHub Security Lab
- Put an io_uring on it: Exploiting the Linux Kernel - Blog | Grapl
- Linux Kernel Adventures & exploiting a Linux driver
- Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability | USENIX
- SecWiki/linux-kernel-exploits: linux-kernel-exploits, a collection of Linux privilege escalation vulnerabilities
- PaoloMonti42/salt: SALT - SLUB ALlocator Tracer for the Linux kernel
- GitHub - synacktiv/Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion: PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
- Kernel Exploitation Blog
- CVE-2021-22555: Turning \x00\x00 into 10000$ | security-research
- Learning Linux Kernel Exploitation - Part 1 - Midas Blog
- Easy_Kernel Exploitation Writeup from K3RN3LCTF 2021 - x3ero0's blog
- Improving the exploit for CVE-2021-26708 in the Linux kernel to bypass LKRG | Alexander Popov
- Linux Kernel Race Condition
- Linux kernel exploit development - Breaking Bits
tcache
- TikTok - A tcache tutorial with our dear friend Ke$ha | RPISEC
- Linux Heap TCache Poisoning
- Best books, tutorials and courses to learn about exploit development
- Ask HN: What's the prerequisite to become an exploit developer? | Hacker News
- Linux Exploitation Collection of Resources
- A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development
- dojo/challenge/vm at master · pwncollege/dojo · GitHub
- The State of Exploit Development: Part 1 | CrowdStrike
- The State of Exploit Development: Part 2 | CrowdStrike
- Windows Exploit Dev | Corelan Team - Exploit Writing Tutorials
- [Backdoor 101] Backdooring PE File by Adding New Section Header - Hack.Learn.Share
- The Beginners Guide to Codecaves - CodeProject
- Exploit Development Learning Roadmap : ExploitDev
- Basics for Binary Exploitation - O5wald
- GitHub - p0dalirius/Awesome-RCE-techniques: Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
Fuzzing
Intro to Fuzzing
- The Fuzzing Book
- Earn $200K by fuzzing for a weekend: Part 1 | secret club
- Easy C/C++ Fuzzer | Installing the Fuzzbuzz CLI | Fuzzbuzz Docs
- Controlling Recursion With Grammars for Data Generation · ▖▚▜ ƞäɼľұ.me ▙▚▝
- Paper Review - Building Fast Fuzzers (Part 1 of 2) - YouTube
- Fuzzing101 with LibAFL
- IAmWinyl/Fuzzer: Fuzzer for CIS4361 Group 3
- Fuzzing Practice | Fuzzing101: An step by step fuzzing tutorial. A GitHub Security Lab initiative
- Gamozo Labs Blog | I blog about random things security, everything is broken, nothing scales, shared memory models are flawed.
- Collection of Papers
- Good Fuzzing Tutorial Blog | 128nops and counting
- Google Online Security Blog: AI-Powered Fuzzing: Breaking the Bug Hunting Barrier
- The art of Fuzzing: Introduction. - Bushido Security
Grammar Based Fuzzing
- Fuzzing with Grammars - The Fuzzing Book
- NDSS19-Nautilus.pdf
Fuzzing Benchmarks & Code Coverage
- FuzzBench: An Open Fuzzer Benchmarking Platform and Service – Google Research
- cycle-by-cycle measurements, similar to @gamozolabs' Sushi Roll technique: andreas-abel/nanoBench: A tool for running small microbenchmarks on recent Intel and AMD x86 CPUs.
- Good VR methodology | Automated Coverage Analysis and Augmenting our Understanding · seeinglogic blog
Kernel and Driver Fuzzing
- IntelLabs/kAFL: A fuzzer for full VM kernel/driver targets
- RUB-SysSec/kAFL: Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
Building a Corpus
- How to Build a Fuzzing Corpus
- Smart Contract Fuzzer | ityfuzz: Blazing Fast Hybrid Fuzzer for Smart Contracts
- Fuzzing ClamAV with real malware samples – mmmds's blog
- FUZZING'22 Workshop Program
- Fuzzing Workshop 2022 – NDSS Symposium
- Finding and Understanding Bugs in C Compilers
- Fuzzing with Code Fragments
- funfuzz/src/funfuzz/js/jsfunfuzz at master · MozillaSecurity/funfuzz · GitHub
- Csmith
- issre13.pdf
- The Art of Fuzzing – Slides and Demos | SEC Consult
- Automating Web Apps Input fuzzing via Burp Macros - SecureLayer7
- Fuzzing: Brute Force Vulnerability Discovery
- Fuzzing · isislab/Project-Ideas Wiki
- american fuzzy lop
- Scaling AFL to a 256 thread machine | Gamozo Labs Blog
- Fuzz Map
- 1803.01307.pdf
- secfigo/Awesome-Fuzzing: A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
- hellscape - 6 increasingly difficult buggy tool for testing fuzzer
- Structure-Aware Fuzzing with libFuzzer
- RUB-SysSec/nautilus: a grammar based feedback fuzzer
- ClusterFuzz - ClusterFuzz
- TriforceAFL/limit_memory.sh at master · nccgroup/TriforceAFL · GitHub
- Implemented new approach for fuzzer synchronization · googleprojectzero/fuzzilli@5aeae9d · GitHub
- Impeding Fuzzing Audits of Binary Executables
- designing_new_operating_primitives_to_improve_fuzzing_performance_vt.pdf
- AFL-Qemu | fuzzing without source
- Zoo AFL / Digital Security corporate blog / Habr
- afl_gzip.png
- libeatmydata in Launchpad
- AFL/perf_tips.txt at master · google/AFL
- Evaluating Fuzz Testing - UMD
- The Art, Science, and Engineering of a Fuzzer.pdf
- Coverage Guided, Property Based Testing
- Good Fuzzing Talk from Talos
- Cisco-Talos/crashdog
- Cisco-Talos/covnavi
- lcamtuf.coredump.cx/afl/technical_details.txt
- DLFuzz: Differential Fuzzing Testing of Deep Learning Systems
- fuzzowski: the Network Protocol Fuzzer that we will want to use.
- A gentle introduction to Linux Kernel fuzzing
- Hacking Livestream #17: Basics of fuzzing - YouTube
- gamozo - Twitch
- Target Introspection and Profiling
- The Basics
- https://publications.cispa.saarland/3208/7/gopinath2021input.pdf
- Fuzz Week Day 1: An Intro - YouTube
- GitHub - gamozolabs/cookie_dough: A fuzzing introspection tool
- Setting up an environment, writing a fuzzer, and fuzzing something
- Fuzzing for eBPF JIT bugs in the Linux kernel – Simon Scannell
- antonio-morales/EkoParty_Advanced_Fuzzing_Workshop
- #Eko2020 Workshops | Antonio Morales Maldonado: Advanced fuzzing workshop - YouTube
- Fuzzing software: common challenges and potential solutions (Part 1) - GitHub Security Lab
- Windows Kernel Fuzzing For Beginners - Ben Nagy - YouTube
- Fuzzing 101 - YouTube
- PoCxZer0Con-TinyInst-Slides
- Instrument binary without source: googleprojectzero/TinyInst: A lightweight dynamic instrumentation library
- googleprojectzero/Jackalope: Binary, coverage-guided fuzzer for Windows and macOS
- Recent Papers Related To Fuzzing | FuzzingPaper
- Resmack: Part 6: Stateful & Dynamic Grammars · ▖▚▜ ƞäɼľұ.me ▙▚▝
- Effectively Fuzzing the IPC Layer in Firefox – Attack & Defense
- Fusssing
- Fuzzing Like A Caveman 5: A Code Coverage Tour for Cavepeople - The Human Machine Interface
- Fuzzing Like A Caveman - The Human Machine Interface
- Fuzzing Like A Caveman 2: Improving Performance - The Human Machine Interface
- Fuzzing Like A Caveman 3: Trying to Somewhat Understand The Importance Code Coverage - The Human Machine Interface
- Fuzzing Like A Caveman 4: Snapshot/Code Coverage Fuzzer! - The Human Machine Interface
- Improving AFL’s QEMU mode performance | 0x41414141 in ?? ()
- How to do efficiently fuzz a network protocol
- Training | FUZZING/IO
- fuzzer-test-suite/structure-aware-fuzzing.md at master · google/fuzzer-test-suite
- [PYTHON] Differential Fuzzing to find logic bugs inside Python email validators (Atheris) - YouTube
- GitHub - intel/kernel-fuzzer-for-xen-project: VMI Kernel Fuzzer for Xen Project - VM forking, VMI & AFL integration demo
- Open Source Peach Fuzzer / protocol-fuzzer-ce · GitLab
- Project Zero: Designing sockfuzzer, a network syscall fuzzer for XNU
- AFLplusplus/LibAFL: Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
- WINNIE : Fuzzing Windows Applications with Harness Synthesis and Fast Cloning – NDSS Symposium
- GitHub - sslab-gatech/winnie: Winnie is an end-to-end system that makes fuzzing Windows applications easy
- Hyper-V Fuzzer: googleprojectzero/Hyntrospect
- Fuzzing and Parsing Securely – FloQast
- Fuzzing Labs Academy
- NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis
- [Tool] Fuzz exotic arch with AFL using Ghidra emulator with code coverage Ex: Fuzzing Xtensa binary code (#esp32) Blog: https://t.co/FN6d4AZJTO Github: https://t.co/QYr2OgTIPY #GHIDRA #AFLplusplus https://t.co/LpUBcFMWzM" / Twitter
- airbus-cyber/afl_ghidra_emu
- Fuzzing exotic architectures with AFL using the Ghidra emulator
- Fuzzing | Trail of Bits Blog
- spike, fuzzer creation kit - Google Search
- CWE - CWE-700: Seven Pernicious Kingdoms (4.4)
- 0vercl0k/wtf: wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows.
- Fuzzing Modern UDP Game Protocols With Snapshot-based Fuzzers
- Performance Speed Limits | Performance Matters
- Ivan Fratric on Twitter: "Hey, psst! Do you like grammar fuzzing with Domato? Jackalope now supports fuzzing with a similar (somewhat simplified) grammar syntax, except it's mutational, coverage-guided and much faster. And of course it also works with black-box binaries. More at https://t.co/pe1oYxNluf" / Twitter
- Good fuzzer blog post: Project Zero: Designing sockfuzzer, a network syscall fuzzer for XNU
- hAFL1 - Our Journey of Fuzzing Hyper-V and Discovering a Critical 0-Day - Guardicore
- Open Source Software / zafl · GitLab
- http://usenix.org/system/files/sec21fall-nagy.pdf
- RUB-SysSec/Nyx: USENIX 2021 - Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types
- Nyx Fuzz
- Crash Deduplication Through Root-Cause Clustering
- BSOD: Binary-only Scalable fuzzing Of device Drivers
- Research | FUZZING/IO
- GitHub - csmith-project/creduce: C-Reduce, a C program reducer
- BSOD, the fuzzer for binary-only device drivers: bsod-kernel-fuzzing: BSOD: Binary-only Scalable fuzzing Of device Drivers
- FormatFuzzer | FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.
- lcamtuf's blog: Binary fuzzing strategies: what works, what doesn't
- Spinning up Vagrant boxes for driver · GitHub
- Ringzer0 - Hands On Binary Fuzzing and Reverse Engineering
- Snapshot fuzzing direct composition with WTF
- Writing a Windows Fuzzer From Scratch | Legacyy
- GitHub - boschresearch/gdbfuzz
- Fuzzing Against the Machine: Automate vulnerability research with emulated IoT devices on QEMU: Nappa, Antonio, Blazquez, Eduardo, Bassen, Nikias, Lopez-Gomez, Dr. Javier: 9781804614976: Amazon.com: Books
Patch Diffing
- Patch diffing analysis and exploit development targeting Windows Ancillary Function Driver for Winsock (afd.sys) | Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours
- GitHub - VulnerabilityResearchCentre/patch-diffing-in-the-dark: Leveraging patch diffing to discover new vulnerabilities
- ghidriff tool for diffing in Ghidra - Google Search
- GitHub - clearbluejar/recon2023-resources
Browser VR
Chrome Stuff
- V8 Sandbox - External Pointer Sandboxing
- Issues - chromium - An open-source project to help move the web forward. - Monorail
- Fuzzing in Chromium
- google/clusterfuzz: Scalable fuzzing infrastructure.
- v8 exploit | Sakuraのblog
- New Google Chrome Security Alert: Update Your Browsers As ‘High Severity’ Zero-Day Exploit Confirmed
- Regression Test Exposed Embargoed Vuln - N-Day PoC: exploits/chrome-0day at master · r4j0x00/exploits
- Google Chrome, Microsoft Edge zero-day vulnerability shared on Twitter
- Analysis of Chromium issue 1196683, 1195777 | iamelli0t’s blog
- 1144662 - Bypassing ASLR using Oilpan’s conservative garbage collector - chromium
- Multi-process Architecture - The Chromium Projects
- From JavaScript to Kernel - Google CTF 2021 Quals "Full Chain" Writeup - CTFするぞ
- BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution | security-research
- Chrome in-the-wild bug analysis: CVE-2021-30632 | GitHub Security Lab
- CVE-2021-37975: Chrome v8 garbage collector logic bug causing live objects to be collected | 0-days In-the-Wild
- Issues - v8
- v8/v8: The official mirror of the V8 Git repository
- Using d8 · V8
- Chrome/D8: Checking out and building Chromium on Linux
- exploits/chrome-exploit at master · r4j0x00/exploits · GitHub
- [torque] check FixedArray length · v8/v8@85bc1b0 · GitHub
- Fuzzing JavaScript WebAssembly APIs with Dharma/Domato (Chrome/v8)
- v8: The official mirror of the V8 Git repository
- pwnjs: A Javascript library for browser exploitation
- fuzzilli: A JavaScript Engine Fuzzer
- learning-v8: Project for learning V8 internals
- Zon8Research/v8-vulnerabilities: Corpus of public v8 vulnerability PoCs.
- Chromium Stack Overflow: 799918 - Stack-buffer-overflow in SkPackBits::Unpack8 - chromium
- Phrack - Javascript Engine Basics
- Phrack - Javascript Jit Type Confusion
- [super ic] Fix receiver vs lookup start object confusion related to module exports (I8944f2f1) · Gerrit Code Review
- GitHub - Phuong39/PoC-CVE-2021-30632: PoC CVE-2021-30632 - Out of bounds write in V8
- STAR Labs | Blog | The Cat Escaped from the Chrome Sandbox
- Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals - Jack Hacks
- Google Chrome V8 ArrayShift Race Condition Remote Code Execution - Exodus Intelligence
Firefox
- Firefox JIT Use-After-Frees | Exploiting CVE-2020-26950 - SentinelOne
- Zero Day Initiative — But You Told Me You Were Safe: Attacking the Mozilla Firefox Sandbox (Part 2)
- mistymntncop/CVE-2022-1802
- Zero Day Initiative — The Story of Two Winning Pwn2Own JIT Vulnerabilities in Mozilla Firefox
Safari
- Patch Gapping a Safari Type Confusion | Theori
- Apple Safari - Wasm Section Exploit
- Weaponization of a JavaScriptCore Vulnerability | Ret2 Systems Blog
- Vulnerability Discovery Against Apple Safari | Ret2 Systems Blog
- Weaponization of a JavaScriptCore Vulnerability | RET2 Systems Blog
- Awesome-browser-exploit: awesome list of browser exploitation tutorials
- GitHub - singularseclab/Browser_Exploits: A collection of browser exploitation codes from Singular Security Lab.
- GitHub - singularseclab/Slides: A collection of slides from Singular Security Lab.
- New Series: Getting Into Browser Exploitation
- A Methodical Approach to Browser Exploitation | RET2 Systems Blog
- Modern Browser Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 3) | Home
- Browser haxx0ring: Let's write an exploit for an integer overflow in JavaScript typed arrays - YouTube
- Hacking Browsers - Setup and Debug JavaScriptCore / WebKit - YouTube
- RET2 Systems Github
- ZDI-19-366 | Zero Day Initiative
- Github WebAssembly CVE PoC
- Project 0 - The-Problems-and-Promise-of-WebAssembly.pdf
- Project Zero: The Problems and Promise of WebAssembly
- AddressSanitizer (ASan)
- https://fineas.github.io/FeDEX/post/chakracore.html
- Introduction to TurboFan
- Exploit Development: Browser Exploitation on Windows - Understanding Use-After-Free Vulnerabilities | Home
- 32 bits, 32 gigs, 1 click... | RET2 Systems Blog
- Firefox and Chromium | Madaidan's Insecurities
- Attacking Javascript Engines 2022 | https://saelo.github.io/presentations/offensivecon_22_attacking_javascript_engines.pdf
- Browser Exploitation Collection of Resources
- Stephen Sims SANS | Browser Exploitation Introduction - YouTube
Linux VR
Linux Syscall Stuff
- Linux syscall tables
- Linux Syscall Reference
- Linux System Call Table for x86 64 · Ryan A. Chapman
Linux Kernel VR/Exploitation
- CVE-2021-43267: Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution - SentinelOne
- Kubernetes Container Escape Using Linux Kernel Exploit | CrowdStrike
- Project Zero: The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
- Google Online Security Blog: Making Linux Kernel Exploit Cooking Harder
- GitHub - Ascotbe/Kernelhub: Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (collection of privilege escalation vulnerabilities)
- CVE-2022-29582 - io-uring
- oss-sec: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)
- pkexec vuln - argv silliness | ~ryiron
- GitHub - taviso/loadlibrary: Porting Windows Dynamic Link Libraries to Linux
Windows VR
Kernel/Driver VR & Exploitation
- Hunting Vulnerable Kernel Drivers – VMware Security Blog
- Windows Kernel Exploitation – Arbitrary Memory Mapping (x64) • Vulndev
- Journey into Windows Kernel Exploitation: The Basics | by Jean | Aug, 2023 | Neuvik
- 2139 - Windows Kernel win32k UAF of the PDEVOBJ object via a race condition in NtGdiGetDeviceCapsAll - project-zero
- Project Zero: Hunting for Bugs in Windows Mini-Filter Drivers
- Fuzzing Windows · intel/kernel-fuzzer-for-xen-project Wiki
- Defeating KASLR in modern operating systems | by Eugene Ng | CSG @ GovTech | Medium
- Modern Kernel Exploitation | Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG | Home
- Windows Kernel Driver Exploitaiton: Hackingz Ze Komputerz - Exploiting CAPCOM.SYS - Part 1 - YouTube
- Windows Kernel Driver Hacking Pt 2: Hackingz Ze Komputerz - Exploiting CAPCOM.SYS - Part 2 - YouTube
- Windows Kernel Exploitation Tutorial Part 1: Setting up the Environment - rootkit
- GitHub - yardenshafir/IoRingReadWritePrimitive: Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2
- GitHub - Ascotbe/Kernelhub: Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (collection of privilege escalation vulnerabilities)
- Windows VR Blog - wumb0in
- Good Windows VR Blog
- Microsoft Patch Tuesday by Morphus Labs
- Windows security - Windows security | Microsoft Docs
- Intro to Vulnerability Research - Debugging and Intro to WinDbg - Such Security. wow.
- windows deep internals blog
- Windows ETW Attacking
- Publications/WSL_slides.pdf at master · saaramar/Publications · GitHub
- Hotpatching on Windows - Microsoft Tech Community
- MSRC-Security-Research/WOOT19 - Trends and challenges in vulnerability mitigation.pdf at master · microsoft/MSRC-Security-Research
- VMware Workstation for rapid kernel and driver debugging - ioncodes/kdbg-driver-workstation
- Windows CVE PoC's - klinix5 (Abdelhamid Naceri) · GitHub
- Windows CVE Blog Posts - Abdelhamid Blog | klinix5
- One I/O Ring to Rule Them All: A Full Read/Write Exploit Primitive on Windows 11 – Winsider Seminars & Solutions Inc.
- Project Zero: Windows Exploitation Tricks: Trapping Virtual Memory Access
- Microsoft Office to publish symbols starting August 2022 – Microsoft Security Response Center
Mobile Device (Android/iOS) VR
Android VR/Exploitation
- Dalvik Debugger - CTF Flag Receiver - Mobile Reverse Engineering – ctf.rip
- Drozer - Android CTF - CTFFlagReceiver writeup
- GitHub - jiayy/android_vuln_poc-exp: This project contains pocs and exploits for android vulneribilities
- Android Internals
- Android Internals: A Confectioner's Cookbook
- AnSec2.0
- Android-Excerpt
- M1Con CTF Write up
- YouTube
- codemetrix.net - Hacking Android apps with FRIDA I
- How to start Reverse Engineering on Android Application by Ankit Mishra - network, host, download | Peerlyst
- How to start Reverse Engineering on Android Application - Part 2 by Ankit Mishra - download, virtual machine, location | Peerlyst
- How to start Reverse Engineering on Android Application – Part 3 by Ankit Mishra - credentials, vulnerable, knowledge | Peerlyst
- ashishb/android-security-awesome: A collection of android security related resources
- Android Hacker's Handbook
- 1942 - Android: Use-After-Free in Binder driver - project-zero - Monorail
- Project Zero: MMS Exploit Part 1: Introduction to the Samsung Qmage Codec and Remote Attack Surface
- Exploitation of a Samsung Galaxy Note 10+ Zero-Click RCE Bug via MMS - YouTube
- Android Exploits 101 Workshop - YouTube
- Android Stack Overflow
- Project Zero: A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
- Exploiting memory corruption vulnerabilities on Android | Oversecured Blog
- Shared Library Injection on Android 8.0
- Introduction to Android Kernel Exploitation
- Answers on Sharon’s Android: A Cellebrite CTF 2023 Recap - Cellebrite
- Visualizing Android Code Coverage Pt.1
Apple/iOS VR
- Apple Platform Security
- Apple Platform Security - Web
- Project Zero: Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
- seemoo-lab/owl: An open Apple Wireless Direct Link (AWDL) implementation written in C
- SEEMO AWDL - Google Search
- Project Zero: An iOS zero-click radio proximity exploit odyssey
- One Billion Apples' Secret Sauce: Recipe for the Apple Wireless Direct Link Ad hoc Protocol
- sec19fall_stute_prepub.pdf
- Apple "apk's" - iPAHUB :: Home
- ios-gamed-0day
- ios-nehelper-enum-apps-0day
- ios-nehelper-wifi-info-0day
- ios-analyticsd-pre14.7-exploit
- Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2 | IOMFB_integer_overflow_poc
- Azeria | Write up of iOS exploit - Walking through the underlying exploit development process
- Secfault Security - Writing an iOS Kernel Exploit from Scratch
- Apple M1 RE Guide: Explainer 070.pdf - Google Drive
- CVE-2021-30860: Apple zero-click Analysis: Analysis of CVE-2021-30860 the flaw and fix of a zero-click vulnerability, exploited in the wild
- Analyzing Pegasus Spyware’s Zero-Click iPhone Exploit ForcedEntry
- Project Zero: CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability
- Guide to Reversing and Exploiting iOS binaries Part 2: ARM64 ROP Chains
- Heap Overflows on iOS ARM64: Heap Spraying, Use-After-Free (Part 3)
- Heap Overflow on iOS/Android ARM64 - YouTube
- iOS Hacking - A Beginner’s Guide to Hacking iOS Apps [2022 Edition] | martabyte
- Project Zero: A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
Tools for Mobile Exploitation
- iOS Pentesting Tools Part 3: Frida and Objection – allysonomalley.com
- GitHub - sensepost/objection: 📱 objection - runtime mobile exploration
- The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
MacOS/Apple VR
- Getting started in macOS security · theevilbit blog
- Introduction to Apple Silicon · AsahiLinux/docs Wiki
- Exploiting an Unbounded memcpy in Parallels Desktop | RET2 Systems Blog
- Zero click vulnerability in Apple’s macOS Mail | by Mikko Kenttälä | Apr, 2021 | Medium
- 1937 - macOS: Kernel use-after-free due to race condition in wait_for_namespace_event() - project-zero - Project Zero - Monorail
- sslab-gatech/pwn2own2020: Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
Cloud VR
- AWS RDS Vulnerability Leads to AWS Internal Service Credentials
- Exploiting AWS | Flaws2.Cloud
- Exploiting AWS | CloudSec - 🌩 Cloudy With A Chance of Security
- MITRE ATT&CK in Google Cloud Platform (GCP)
- Free Cloud Security Labs | iknowjason/Awesome-CloudSec-Labs: Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
- GATOR: tool designed to aid in research and exploiting Google Cloud Environments
IoT/Game Consoles/Embedded Systems VR
Courses
- Binary Analysis Course – Max Kersten
- IoT Firmware Exploitation Registration, Multiple Dates | Eventbrite
- Build a Modern Computer from First Principles: From Nand to Tetris (Project-Centered Course) | Coursera
- nand2tetris
- Hardware Security | Coursera
- Simple CPU v1
- Hacking USB on the Cheap with USB-Tools
- firmware-security-training: Intel ATR Training: Security of BIOS/UEFI System Firmware from Attacker and Defender Perspectives
- Advanced Computer Architecture
- FPGA Embedded Design & Electronics for Developers
- Embedded Software Engineering 101 — Embedded
- Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers | Wrongbaud's Blog
Videos to learn from
- How safe is a Wifi Cloud Hub Router (from hackers)? - YouTube
- BlueHat IL 2019 - Andrew "bunnie" Huang - Supply Chain Security: "If I were a Nation State...” - YouTube
- Hardware Wallet Hack: Ledger Nano S - f00dbabe - YouTube
- Hackaday | Fresh hacks every day
- Relyze Software Limited - Advanced Software Analysis: CVE-2022-27643 - NETGEAR R6700v3 upnpd Buffer Overflow Remote Code Execution Vulnerability
- Methodologies For Hacking Embedded Security Appliances
- Changing your MAC address in Windows - inc0x0
- joe grand youtube - Google Search
- MDS Attacks: Microarchitectural Data Sampling
- htruong/hackable-consumer-hardware: List of hackable consumer hardware products
- Mastering Embedded Linux, Part 5: Platform Daemons • &> /dev/null
- GitHub - praetorian-code/DVRF: The Damn Vulnerable Router Firmware Project
- Getting Started with Damn Vulnerable Router Firmware (DVRF) v0.1
- Pwn2Own Tokyo 2020: Defeating the TP-Link AC1750 | Synacktiv
Specific Software VR
Apache
- tangxiaofeng7/apache-log4j-poc: Apache Log4j remote code execution
Java
- Log4Shell: RCE 0-day exploit found in log4j, a popular Java logging package | LunaSec
- Log4j RCE CVE-2021-44228 Exploitation Detection
- Log4j2 Vuln - JNDI Lookup Vuln Explained: "Apache Log4j2 jndi RCE #apache #rce https://t.co/ZDmc7S9WW7 https://t.co/CdSlSCytaD" / Twitter
- Log4j2 Vuln Writeup
- Restrict LDAP access via JNDI by rgoers · Pull Request #608 · apache/logging-log4j2
- Exploiting JNDI Injections in Java | Veracode blog
- alexandre-lavoie/python-log4rce: An All-In-One Pure Python PoC for CVE-2021-44228
- kagancapar/CVE-2022-29072: 7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.
- CS:GO: From Zero to 0-day — Neodyme
- Adobe Flash Exploitation, Then and Now: From CVE-2015-5119 to CVE-2018-4878 – MDSec
AI VR
- The AI Attack Surface Map v1.0 - Daniel Miessler
Arm Specific Stuff
- Smashing the ARM Stack: ARM Exploitation Part 1 — Mercked Security
- Root Me | Arm Exploitation Challenges
- Writing ARM Shellcode | Azeria Labs
- The Importance of Deep Work & The 30-Hour Method for Learning a New Skill | Azeria Labs
- Assembly Basics Cheatsheet | Azeria Labs
- Emulate Raspberry Pi with QEMU | Azeria Labs
- Emulating Arm Firmware | Azeria Labs
- Lab VM 2.0 | Azeria Labs
- Part 3: Stack Overflow Challenges | Azeria Labs
Bluetooth Hacking
- The Practical Guide to Hacking Bluetooth Low Energy
- Draft NIST SP 800-121 Rev. 2, Guide to Bluetooth Security
Code Auditing
- Code Audits 1 - Fall 2011 on Vimeo
- Code Audits 2 - Fall 2011 on Vimeo
Bug Bounty Stuff
- Hackers Hut
- HackerOne: Vulnerability Coordination and Bug Bounty Platform
- GitHub - nashcontrol/bounty-monitor: Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.
- How to Break Into Security, Miller Edition — Krebs on Security
- [lcamtuf.coredump.cx]
- Home — Rode0day
- Bug Bounty Toolkit – BugBountyHunting – Medium
- djadmin/awesome-bug-bounty: A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
- Another list of bug bounty write-ups
- How I could have stolen your photos from Google - my first 3 bug bounty writeups
- Home | Zero Day Initiative
- ATT&CK® Navigator
- NVD - Results
- CVE - Common Vulnerabilities and Exposures (CVE)
- CVE Trends - crowdsourced CVE intel
- CVE security vulnerability database. Security vulnerabilities, exploits, references and more
- Security vulnerability search
- Attack Surface Analysis - OWASP Cheat Sheet Series
- CodeQL - GitHub Security Lab
- call table with arguments
- Project Zero: 0day "In the Wild"
- How spending our Saturday hacking earned us 20k – intigriti – Medium
- Projects - Systems Software and Security Lab
- The Cyber Grand Challenge | Shellphish
- Recreating exploits - Disk Pulse Enterprise 9.9.16 - Remote Buffer Overflow (SEH) - Zero Aptitude
- https://0dayfans.com
- hacktricks: Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
CNO Dev, Rootkits, Malware Dev
Windows CNO Dev
Training
- CodeMachine - Training
- RED TEAM Operator: Malware Development Intermediate Course
- Offensive Driver Development
- RED TEAM Operator: Malware Development Advanced - Vol.1
- Signal Labs | Offensive Tool Development
- Pavel Yosifovich Training | TrainSec - Low Level Security and Programming Training
Useful Books
- Windows 10 System Programming, Part 1: Yosifovich, Pavel
- Windows 10 System Programming, Part 2: Yosifovich, Pavel
- Windows Native API… by Pavel Yosifovich [Leanpub PDF/iPad/Kindle]
Windows Rootkits & Kernel Stuff
Windows Driver Signing
- Defeating Windows Driver Signing - The_Evolution_of_TDL.pdf
- Good Windows Kernel Book | The Rootkit Arsenal book
- The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System: Blunden, Bill: 9781449626365: Amazon.com: Books
- Another Good Windows Rootkit Book | windows kernel programming - Google Search
- Windows CNO Kernel Dev - Kernel Karnage – Part 1 – NVISO Labs
- Windows Kernel Programming Class Recordings – Pavel Yosifovich
- syllabi/Windows Kernel Programming.pdf at main · zodiacon/syllabi · GitHub
Code Samples and Github Repos
- GitHub - rad9800/VehApiResolve
- ORCA / EntropyFix · GitLab
- GitHub - S4R1N/AlternativeShellcodeExec: Alternative Shellcode Execution Via Callbacks
- Collection of WIN-API Tricks | vxunderground/VX-API: Malware rapid development framework
- Malware Dev Workshop | GitHub - chvancooten/maldev-for-dummies: A workshop about Malware Development
- scythe-io/memory-module-loader: An implementation of a Windows loader that can load dynamic-linked libraries (DLLs) directly from memory
- PEB Walking Technique - Malware Analysis
- fancycode/MemoryModule: Library to load a DLL from memory.
- PSBits/AppLockerBypass at master · gtworek/PSBits
- ORCA666
- Cracked5pider (C5pider) · GitHub
- GitHub - MalwareApiLib/MalwareApiLibrary: collection of apis used in malware development
- GitHub - ChoiSG/OneDriveUpdaterSideloading: Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
- ORCA / SuspendedNtdllUnhook · GitLab
- Hiding Payload in GPU Memory | ORCA / GP · GitLab
- GitHub - byp455/CanYouCTheThief: A C implementation of the Sektor7 "A Thief" Windows privesc technique.
- This can be used on Windows to determine if UAC is enabled, and whether the current process is elevated. · GitHub
- optiv/Ivy: Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
- GitHub - rad9800/TamperingSyscalls
- microsoft/Windows-classic-samples: This repo contains samples that demonstrate the API used in Windows classic desktop applications.
- Suborner - A simple program to create a Windows account you will only know about
- ORCx41/DeleteShadowCopies: Deleting Shadow Copies In Pure C++
- Released a PoC for Heaven's Gate · daem0nc0re/AtomicSyscall@15edf1c
- GitHub - dadas190/Heavens-Gate-2.0: Executes 64bit code from a 32bit process
- metasploit-framework/modules/payloads/stagers/windows at master · rapid7/metasploit-framework
- Meterpreter | Export Init | meterpreter/metsrv.c at master · rapid7/meterpreter
- Meterpreter | export ReflectiveLoader | Executable IMAGE_DOS_HEADER | Reflective DLL | Stephen Fewer metasploit-framework/reflective_dll_inject.rb at master · rapid7/metasploit-framework
- NtCreateSection + NtMapViewOfSection Code Injection - Red Teaming Experiments
- UAC bypass AzAgarampur/byeintegrity9-uac
- Red Team Tool - Shellcode/PIC Generator | GitHub - TheWover/donut: Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
- Code Samples that mimic malware techniques - jstrosch/learning-malware-analysis: This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.
- C++ How to detect Windows Server 2019? - Stack Overflow
- Offline admin creation on Win10/11 | PSBits/OfflineSAM/OfflineAddAdmin2 at master · gtworek/PSBits · GitHub
- LdrLibraryEx: A small x64 library to load dll's into memory.
- Kudaes/Fiber: Using fibers to run in-memory code in a different and stealthy way.
- lem0nSec/CreateRemoteThreadPlus: CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode.
- GitHub - CognisysGroup/HadesLdr: Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
- Dllinjector: dll injection tool that implements various methods
Blogs, Articles, Videos, etc
- Understanding_a_Payloads_Life | Advanced Payloads, Staging, and Reflective Loading
- Understanding a Payload's Life - Featuring Meterpreter & other guests - YouTube
- Malware Dev Workshop Blog Posts
- Windows CNO Dev Blog
- Dissecting the Windows Defender Driver - WdFilter (Part 1) :: Up is Down and Black is White — n4r1b
- Abusing Windows’ Implementation of Fork() for Stealthy Memory Operations
- Malware Dev Blog | Capt. Meelo
- Hiding malicious code with “Module Stomping”: Part 3 - F-Secure Blog
- Recreating an ISO Payload for Fun and No Profit
- Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties | Offensive Security
- Windows C In-memory Module Loader: SCYTHE Library: Loading Capabilities from Memory: Open Sourcing SCYTHE's Windows C In-memory Module Loader
- Undetected downloading mimikatz - Cmdl32.exe
- 𝓂ε乙0 on Twitter: "@rad9800's TamperingSysCalls makes it easy to spoof arguments! The screenshot below shows the NtAllocateVirtualMemory handle being initially set to self, and then later changing it to inject into Notepad. My EDR's Userland DLL identifies the wrong PID! 👿 https://t.co/wm9EU7D0Qb" / Twitter
- GitHub - icyguider/Shhhloader: Syscall Shellcode Loader (Work in Progress)
- Malware sandbox evasion in x64 assembly by checking ram size - Part 1
- Writing an Independent Malware - Hack.Learn.Share
- Malware Development - Hack.Learn.Share
- Useful Libraries for Malware Development - Hack.Learn.Share
- Raphael Mudge YT Series | Red Team Operations with Cobalt Strike (2019)
- Paul U. (5pider) on Twitter: "Wrote a really bad, faulty, and or buggy BOF but you wanna test it without crashing the agent session? Then why not handle the exception yourself and send the status back using Vectored Exception Handlers. https://t.co/eDIwu842Ga" / Twitter
- Making Self-Deleting Malware - YouTube
- Abusing undocumented features to spoof PE section headers | secret club
- Conferences/Defcon31 at main · OtterHacker/Conferences
- Offensive Development - Post-Exploitation Tradecraft in an EDR World
- 05 - BruCON 0x0D - PIC Your Malware! - Ben Heimerdinger and Sebastian Feldmann - YouTube
DLL Things (Injection, Hijacking, Hollowing, etc)
- [C/C++] Reverse Engineering Tutorial for newbies - Tutorials - rohitab.com - Forums
- Reflective DLL Injection - Red Teaming Experiments
- Proxying DLL Loads For Hiding ETWTI Stack Tracing
- Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing
- Masking Malicious Memory Artifacts – Part II: Blending in with False Positives
- Masking Malicious Memory Artifacts – Part III: Bypassing Defensive Scanners
Process Injection
- Nim on the Attack: Process Injection Using Nim and the Windows API – HuskyHacks
- Exploring Process Injection OPSEC – Part 1 – Rasta Mouse
- Process Hollowing and Portable Executable Relocations - Red Teaming Experiments
LOL Bins/Drivers
Binaries
- LOLBAS - Windows Binaries Exploited for Priv Esc
- Who Needs Macros? | Threat Actors Pivot to Abusing Explorer and Other LOLBins via Windows Shortcuts - SentinelOne
Drivers
- A Behind-the-Scenes Look at Creating LOLDrivers | by Michael Haag | magicswordio | Nov, 2023 | Medium
- List of vulnerable drivers | Microsoft recommended driver block rules (Windows) | Microsoft Learn
- List of Vulnerable Drivers | GitHub - LOLDrivers-Project/LOLDrivers
- List of Vulnerable Drivers | sigma/driver_load_win_vuln_drivers.yml at master · SigmaHQ/sigma · GitHub
- LOLDrivers | List of known Vulnerable Drivers
- LOLDrivers/detections at main · magicsword-io/LOLDrivers · GitHub
- LOLDrivers/authentihash_samples.sha256 at main · magicsword-io/LOLDrivers · GitHub
- Living Off The Land Drivers 1.0 Release: New Features, Enrichments, and Community Contributions | by Michael Haag | magicswordio | May, 2023 | Medium
- Signed kernel drivers – Unguarded gateway to Windows’ core
- No fix in sight for mile-wide loophole plaguing a key Windows defense for years | Ars Technica
- Finding and exploiting process killer drivers with LOL for 3000$ - Alice Climent-Pommeret
EDR/AV Things
Code Samples
- GitHub - RoseSecurity/Anti-Virus-Evading-Payloads: During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
- PSBits/TrollAV at master · gtworek/PSBits
- Bypass Some Av Products - ORCA666 / 3in1 · GitLab
- GitHub - ZeroMemoryEx/Blackout: kill anti-malware protected processes using BYOVD
- Attacking an EDR - Part 1
- Module Stomping for EDR Evasion
- DEF CON 26 - Alexei Bulazel - Reverse Engineering Windows Defenders Emulator - YouTube
- Evading EDR | No Starch Press
- A story about tampering EDRs - RedOps
- Batch Files bypass AV Checks
- Exploring Antivirus and EDR evasion techniques step-by-step. Part 1 | by bob van der staak | Oct, 2023 | InfoSec Write-ups
- Lets Create An EDR... And Bypass It! Part 1 - Ethical Chaos
Syscall Things (Syswhispers, etc)
- GitHub - CaptainNox/Hypnos: A more reliable way of resolving syscall numbers in Windows
- Maldev-Academy/HellHall: Performing Indirect Clean Syscalls
- Malware-Analysis/Indirect Syscalls.md at main · dodo-sec/Malware-Analysis · GitHub
- Exploring Hell's Gate - RedOps - English
- Direct Syscalls vs Indirect Syscalls - RedOps - English
- GitHub - VirtualAlllocEx/DEFCON-31-Syscalls-Workshop: Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Obfuscation
- Obfuscated Windows Drivers via Github Actions | NewWorldComingSoon/llvm-msvc-windows-driver-template: Windows kernel driver template for cmkr and llvm-msvc.
- Obfuscated Windows Drivers via Github Actions
Writing Shellcode in C (PIC)
- Writing and Compiling Shellcode in C - Red Team Notes
- Chapter 10 Building Shellcode in C - The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System, 2nd Edition [Book]
- Writing Optimized Windows Shellcode in C - phasetw0
- From C, with inline assembly, to shellcode - 0xTriboulet
- Writing Shellcode with a C Compiler | Nick Harbour's Code and Reverse Engineering Articles
- Hasherezade | VXUG-Papers/From a C project through assembly to shellcode.pdf at main · vxunderground/VXUG-Papers · GitHub
- 05 - BruCON 0x0D - PIC Your Malware! - Ben Heimerdinger and Sebastian Feldmann - YouTube
- PIC your malware
- AMSI.fail - obfuscated PowerShell snippets that break or disable AMSI for the current process
- AppLocker (Windows) - Windows security | Microsoft Docs
- Network Provider - Sneaky alternative to extract credentials
- x86matthew - WindowsNoExec - Abusing existing instructions to execute arbitrary code without allocating executable memory
- GitHub - mbrg/power-pwn: A demo showing how to repurpose Microsoft-trusted executables, service accounts and cloud services to power a malware operation
MacOS CNO Dev
- MacOS Persistence: Beyond the good ol' LaunchAgents - Introduction · theevilbit blog
- Mac Malware 2021 Analysis
Linux CNO Dev
Linux Rootkits
- Horse Pill: A New Type of Linux Rootkit - YouTube
- Kernel Rootkits - Dino Zovi
- Phrack - Linux on-the-fly kernel patching without LKM
- Rootkit-based attacks and defenses - Rutgers University
- Creating a Rootkit to Learn C - The Human Machine Interface
- Analyzing Jynx and LD_PRELOAD Based Rootkits
- GitHub - h3xduck/TripleCross: A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
- Offensive capabilities enabled by eBPF (rootkit)
- Linux Kernel Rootkit Dev | TheXcellerator
- Linux Rootkits Part 2: Ftrace and Function Hooking :: TheXcellerator
Code Samples and Github Repos
- Shellcode: A reverse shell for Linux in C with support for TLS/SSL | modexp
- AdnaneKhan/Ultratool: Ultratool is a toy malicious program targeting Ubuntu Desktop 20.04
- arget13/DDexec: A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process.
- Phrack - Linux on-the-fly kernel patching without LKM
- Course: Become an APT: Write Your Own Linux Malware
- [Linux] Infecting Running Processes - Programming - 0x00sec - The Home of the Hacker
- sektor7 | Pure In-Memory (Shell)Code Injection In Linux Userland
- Linux Malware Dev - TMZ Lair - Underground Coding
- In-Memory-Only ELF Execution (Without tmpfs) Mrs Quis Will Think of a Better Title
IoT CNO Dev
- GitHub - arthastang/IoT-Implant-Toolkit: Toolkit for implant attack of IoT devices
- The Dragon Who Sold His Camaro: Analyzing Custom Router Implant - Check Point Research
C2 Stuff
- Home - pre.empt
- Maelstrom #1: An Introduction - pre.empt
- Maelstrom #5: EDR Kernel Callbacks, Hooks, and Call Stacks - pre.empt
- Cobalt Strike MITM: AdHoc/cs-mitm.py at master · DidierStevens/AdHoc
- Building a Basic C2 - 0xRick’s Blog
- The C2 Matrix
- Oh my API, abusing TYK cloud API management to hide your malicious C2 traffic - Shells.Systems
- Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike
Training
- Signal Labs - VR & CNO Dev Training
- Kernel Ninjas - Information Security Services
- RED TEAM Operator: Malware Development Essentials Course
- CNO Dev Github: rootkit-io/awesome-malware-development: Organized list of my malware development resources
- The CIA's "Development Tradecraft DOs and DON'Ts" - Schneier on Security
- Vault 7 Stuff
- NOD Cryptographic Requirements v1.1 TOP SECRET.pdf
- Malware Dev Forum: 0x00sec - The Home of the Hacker
- What is ired.team? - Red Teaming Experiments
- CNO Dev Techniques: Binary Armory Wiki - Wiki - 0x00sec - The Home of the Hacker
- Modern Initial Access and Evasion Tactics
- Signal Labs Blog - CNO Dev & EDR Bypass
- Creating The Malware - Fortego | Fortego
- Free, open-source, cross-platform agent and post-exploitation tool written in Golang and C++, with architecture and usage like Cobalt Strike
- Rootkit-based attacks and defenses - Rutgers University
- ReflectionsonTrustingTrust
- Learning-C/Assignment-28 at master · h0mbre/Learning-C
- Malware Development Blog
- Persistence, Tactic TA0003 - Enterprise | MITRE ATT&CK®
- GitHub - LloydLabs/delete-self-poc: A way to delete a locked, or current running executable, on disk.
- Malware Lures Gallery | InQuest
- Hiding Your Syscalls | PassTheHashBrowns
- What you need to know about Process Ghosting, a new executable image tampering attack | Elastic Blog
- Bypassing Image Load Kernel Callbacks - MDSec
- Greencat Writeup & Retargeting Windows to Android
- scythe-io/in-memory-cpython: An In-memory Embedding of CPython
- SCYTHE Library: An In-memory Embedding of CPython with SCYTHE
- Thomas Finch - Hooking C Functions at Runtime
- GitHub - Professor-plum/Reflective-Driver-Loader
- LOTS Project - Living Off Trusted Sites
- Custom Previews For Malicious Attachments | mr.d0x
- Dark Vortex - build your own tools for Red Team Engagements
- GTFOBins - Bypass security restrictions and download files
- Malware development part 1 - basics – 0xPat blog – Red/purple teamer
- HVNC hidden remote VNC desktop
- LD_PRELOAD to hijack functions
- KillDate - Self-Deleting Malware | Patreon
- Improving the stealthiness of memory injections techniques | Naksyn’s blog
Red Team/Pentesting/OSINT
Red-Team (C2, SSH Tunneling, and Other Good Things)
C2/Infrastructure
- Coalfire-Research/Red-Baron: Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
- Red-Team-Infrastructure-Wiki/README.md at master · bluscreenofjeff/Red-Team-Infrastructure-Wiki
- C2 Stuff
- Red Team Laptop & Infrastructure (pt 1: Architecture) – Hacking & Coffee
- Red Team Insights on HTTPS Domain Fronting Google Hosts Using Cobalt Strike - CyberArk
Adversary Emulation
- Research Paper | Emulating Phineas Phisher Attacks in Modern EDR Environments - SentinelOne
- Red Team Guide - Red Team Notes 2.0
- Understanding Various Red Team Techniques
- Adversary Tactics - RTO Training Course - March 2022 Tickets, Tue, Mar 1, 2022 at 9:00 AM | Eventbrite
- List of Red Teaming Resources
- Initial Access (Phishing/Social Engineering/etc)
- Defense Evasion Stuff
- Bring Your Own Land (BYOL) – A Novel Red Teaming Technique | Mandiant
- Red Team Ops
- Red Team Training | Dark Vortex
- A Visual Guide to SSH Tunnels: Local and Remote Port Forwarding
- Good Red Team Tools Presentations | mattifestation (Matt Graeber)
OSINT (reverse phone/image search, url redirection, information hacked)
OSINT (Open Source Intelligence)
Web Scraping
- Web Scraping: Introduction, Best Practices & Caveats
- Scalable do-it-yourself scraping - How to build and run scrapers on a large scale
- What is Web Scraping and How Does Web Scraping Work?
Shodan
- GitHub - ninoseki/shodan-dojo: Learning Shodan through katas
- Search Query Fundamentals - Shodan Help Center
- ꓘamerka — Build interactive map of cameras from Shodan
- Understanding the Shodan Search Query Syntax
- Hunting C2 with Shodan - Michael Koczwara - Medium
Shodan Alternative
- shodan alternative
Geo Location
- Creepy: A geolocation OSINT tool
- IP-API.com - Geolocation API - Documentation - JSON
- Geotweet_GUI: Social engineering tool
- GeoGuessr Hints | Plonk It
- GeoGuessr Hints | GeoHints
- ipinfo/cli: Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)
- GitHub - p1ngul1n0/blackbird: An OSINT tool to search for accounts by username in social networks.
- OSINT Tools - OSINT Techniques
- OSINT Recon Tool
- OSINT Search Tool by IntelTechniques | Open Source Intelligence
- Intelius - People Search, Reverse Phone Lookup, Reverse Address Lookup
- GitHub - m3n0sd0n4ld/GooFuzz: GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
- OSINT Cheat Sheet
- GitHub - x0rz/tweets_analyzer: Tweets metadata scraper & activity analyzer
- AsINT_Collection - start.me
- Spiderfoot, an Open Source Intelligence Automation Tool
- Open Source Intelligence Gathering 101 – Appsecco
- crt.sh | Certificate Search
- Domain Dossier - Investigate domains and IP addresses, get owner and registrar information, see whois and DNS records
- Censys (Discover new threats)
- Open Source Intelligence Gathering 201 (Covering 12 additional techniques)
- XRay - mapping and OSINT gathering from public networks.
- DataSploit: An OSINT Framework to perform various recon techniques
- SpiderFoot
- Google Hacking Database, GHDB, Google Dorks
- theHarvester: E-mails, subdomains and names Harvester
- 2019 OSINT Guide
- Google Search Operators: The Complete List (42 Advanced Operators)
- BelleBytes OSINT Guide - Storm CTF
- From Email Address to Phone Number: A New OSINT Approach - Martin Vigo - YouTube
- maltego - Google Search
- ns/mx/dns servers - Google Search
- dnsrecon - Google Search
- sublist3r - Google Search
- OWASP/Amass: In-depth Attack Surface Mapping and Asset Discovery
- mschwager/fierce: A DNS reconnaissance tool for locating non-contiguous IP space.
- mxrch/GHunt: 🕵️♂️ Investigate Google Accounts with emails.
- GitHub - wssheldon/osintui: Open Source Intelligence Terminal User Interface
- OSINT Tools | IntelTechniques Search Engine Tool
Reverse Phone Search
- CallerID Test - Test your CallerID / CNAM for free
- Free Reverse Phone Number Lookup - Cell Phone or Landline | Spy Dialer
- Phone Validator | Is it a Cell or is it a Landline? Reverse Phone Search Lookup
- 100% Free People Search - TruePeopleSearch.com
- OkCaller.com Telephone Safety Directory - Home
- Professional Reverse Cell Phone Lookup Service
- Whocalld
- Redirect Detective - A Free Tool To Trace Where Redirects End Up
- URL and website scanner - urlscan.io
- TinEye Reverse Image Search
- Have I Been Pwned: Check if your email has been compromised in a data breach
- The World's Largest Repository of Historical DNS data
- IP Address API and Data Solutions - geolocation, company, carrier info, type and more - IPinfo.io
- Lumen
- Image Searcher | Yandex.Images
- PimEyes: Face Recognition Search Engine and Reverse Image Search
- Vytal - Spoof Timezone/GeoLocation
- Open Source Surveillance
- OSINT Industries - search for accounts for someone's email/phone
Courses/Learning/Tutorials/Tips
Courses
- UMD - Intro to Ethical Hacking
- Practice 5 - System Hacking with Examples - Ethical Hacking Course - en.gburu.net
- Module 6 - Hacking Webservers - Free Ethical Hacking Course - en.gburu.net
- Tactical Burp Suite | Professionally Evil Training
- Advanced Tactical Burp Suite | Professionally Evil Training
- THXAVET - secureideas military discount
- Zero to Hero Pentesting | Cybersecurity Training | The Cyber Mentor
- Hacker101 - Learn How To Hack - Free Online Course | HackerOne
- PCTC - Cyberforce - MCCORC - Pre-RIOT Training
Videos To Learn From
- PowerShell for Penetration Testing: Nishang
- HackerSploit - YouTube
- Web App and Pen-testing | STÖK
- Full Ethical Hacking Course - Beginner Network Penetration Testing (2019) - YouTube
Books
- Gray Hat Hacking: The Ethical Hacker's Handbook, Fifth Edition
Kali Stuff
Metasploit and Armitage
- Armitage - Metasploit Unleashed
- Armitage | Penetration Testing Tools
- Step by step Metasploit walkthrough
- How to create metasploitable 3
- How to setup Metasploitable 3 on Windows 10 - Hacking Tutorials
- Metasploitable 2 Exploitability Guide
- Home · rapid7/metasploitable3 Wiki · GitHub
- Introduction-to-Metasploit.pdf
- Metasploit Unleashed - Free Online Ethical Hacking Course
- Kali Training Course
Hack The Box
Solutions/Walkthroughs
- Hack the Box Challenge: Tally Walkthrough
- GitHub - Hackplayers/hackthebox-writeups: Writeups for HacktheBox 'boot2root' machines
- HackTheBox: Forge Machine Solution | All things hacking
- IppSec - YouTube
- Hack The Box :: Penetration Testing Labs
Labs
- Virtual Hacking Labs | IT Security Training Labs & Courses
- [PentesterLab] Learn Web Penetration Testing: The Right Way
- Georgia Weidman Penetration Testing v2: Labs
Vulnerable VMs and Wargames
- Vulnerable By Design ~ VulnHub
- GitHub - cliffe/SecGen: Create randomly insecure VMs
- Vulnerable Web Apps - Home
- Hacker101 CTF
Methodology/Standards
- Red Teaming and Pentesting Tips | synack.blog
- Pen Testing Standard (READ FOR STUDYING)
- Penetration Testing Methodology - 0DAYsecurity.com
- Cyber Kill Chain® | Lockheed Martin
- Shared thoughts after 6+ years in Pentesting - Inspiration - 0x00sec - The Home of the Hacker
- Where to start - 1st Line to Pen Testing : netsecstudents
- Learning The Ropes 101 Posts
- So You Want To Be a Pentester? - Jack Hacks
- Introduction to Pen Testing
- wtsxDev/Penetration-Testing: List of awesome penetration testing resources, tools and other shiny things
- 125 Hacking Tools For Penetration Testing in 2019 - CyberX
- Interview questions for red team/pentest candidates
- Free Application Security Training For Developers | Kontra
Other Useful Posts/Blogs/Tools
- Hack Back! A DIY Guide - Pastebin.com
- Bespoke: Interactively Synthesizing Custom GUIs from Command-Line Applications By Demonstration - YouTube
- calebstewart/pwncat: Fancy reverse and bind shell handler
- Double Pivoting using SSH and Proxychains4 - theyhack.me
- HackTricks - HackTricks
- blaCCkHatHacEEkr/PENTESTING-BIBLE: Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
- Project Zero: Using Kerberos for Authentication Relay Attacks
- Penetration Testing Tools Our Consultants are Thankful… | Bishop Fox
- Offensive Security Guide to SSH Tunnels and Proxies | by Russel Van Tuyl | Posts By SpecterOps Team Members
- IDOR & Insufficient Session Expiration Examples
Pentesting Cheat Sheets
- ATT&CK™ Navigator
- Most Important Penetration Testing Cheat Sheet Linux Machine
- SANS Penetration Testing Cheat Sheet: PowerShell
- Cheat sheet and notes inspired by the book RTFM - Red Team Field Manual
- Techniques: Enterprise - MITRE ATT&CK
- SecList: the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many
- SANS Pen-testing Resources and Command Line Kung-Fu
OSCP and OSCE Specific Stuff
Recommended for OSCP
- OSCP Goldmine
- Prep guide for Offsec’s PWK – Tulpa Security
- tulpa-pwk-prep-guide1.pdf
- offsec_pdfs: your offsec knowledge
- abatchy's blog | How to prepare for PWK/OSCP, a noob-friendly guide
- Offensive Security Training and Professional Services
- Offensive Security Certified Professional (OSCP) Study Guide Links & Material | Computer Security.org - CyberSecurity News, Information, Education, Certifications, Vulnerabilities and Guides
- Offensive Security – Godlike Security
- Free Advanced Penetration Testing Training Class from Cybrary
- Next Step After OSCP/OSCE? : netsecstudents
- PWK Syllabus Scheduling Question For OSCP Holders : netsecstudents
- Advice on Windows pentesting methodology (OSCP) : HowToHack
- A Detailed Guide on OSCP Preparation - From Newbie to OSCP - Checkmate
- xMilkPowderx/OSCP: OSCP cheet sheet
- x89k - OSCP survival guide
- Cheatsheet-God: Penetration Testing
- Hakluke’s Ultimate OSCP Guide: Part 3 — Practical hacking tips and tricks
- Offensive Security's Guide To Alpha
- Open Broadcaster Software | OBS
- EJgoHe1WoAAAL0k.jpg (865×675)
Recommended for OSCE
- Exploit Writing Tutorials | Corelan Team - Part 2
- Corelan Exploit Development Training
- 0x5 Course Review: Cracking The Perimeter (OSCE)
- Cracking the Perimeter (CTP) + Offensive Security Certified Expert (OSCE)
- Course Review: Offensive Security AWE (Advanced Windows Exploitation) - EH-Net Online Mag
- abatchy's blog: OSCE Study Plan
- My OSCE Review - The Coffeegist
- abatchy's blog | Posts Tagged “OSCE Prep”
People's Experiences of OSCP
- OSCP Review
- 31 days of OSCP Experience - ScriptDotSh
- The OSCP: A Process Focused Review – Occult Sec
- www.techexams.net/forums/security-certifications/120656-osce-jollyfrogs-tale.html
- Zero to OSCP in 292 Days... or How I Accidentally the Whole Thing - Part 2
- Check out my review of the OSCP!! Comes with recommendations on how you too can pass the OSCP! I Tried Harder!! Hope this helps! : netsecstudents
- Offensive Security Certified Professional (OSCP) Review - Jim Wilbur's Blog
- Another OSCP Prep Review
- The Journey to Try Harder: TJNull’s Preparation Guide for PWK/OSCP | NetSec Focus
- Hakluke’s Ultimate OSCP Guide: Part 3 — Practical hacking tips and tricks
- Passing OSCP - scund00r
Worth Looking At
- Penetration Testing Tools Cheat Sheet
- Nmap Cheat Sheet
- HighOn.Coffee • Security Research • Penetration Testing Blog
- Linux Commands Cheat Sheet
- Compilation of commands, tips and scripts
Vulnerable VMs
- GoldenEye - New Vulnerable OSCP Style Machine - netsecstudents
- Wintermute OSCP Style Pivot Lab
- hackfest2016: Quaoar ~ VulnHub
- hackfest2016: Sedna ~ VulnHub
- SecOS: 1 ~ VulnHub
- SecTalks: BNE0x03 - Simple ~ VulnHub
- TopHatSec: Freshly ~ VulnHub
- TopHatSec: ZorZ ~ VulnHub
- abatchy's blog | OSCP-like Vulnhub VMs
- CTF Series : Vulnerable Machines
- OSCP like boxes
1. Recon/Information Gathering/Enumeration
NMAP
- Nmap Cheat Sheet
- Nmap Tutorial: from the Basics to Advanced Tips
- Nmap: the Network Mapper - Free Security Scanner
- NMAP CHEAT-SHEET
- 21y4d/nmapAutomator: A script that you can run in the background!
Subdomain/DNS Stuff
- FindSubDomains.com — subdomains search service
- Sublist3r: Fast subdomains enumeration tool
- Another Subdomain List
- Subdomain Wordlist for Knock
- SubBrute: A DNS meta-query spider that enumerates DNS records, and subdomains.
- Knock - Subdomain Scanning
- A penetration tester’s guide to sub-domain enumeration
- MassDNS: A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
- Domain Name Search | Domain Lookup
- Gobuster: Directory/file & DNS busting tool written in Go
- SANS - Foot Printing with WhoIS/DNS records
- DNSdumpster.com - dns recon and research, find and lookup dns records
- dnsrecon: DNS Enumeration Script
- Information-Gathering Resources
- Discover - Combination of Recon Tools
- Th3Inspector 🕵️ best tool for Information Gathering 🔎
- sullo/nikto: Nikto web server scanner
- Google Dorks for finding Emails, Admin users etc.
- Recon-ng — Bitbucket
- EnumerationVisualized Wiki
- SPARTA - scanning and enumeration phase tool
- Reconnoitre: A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
- Search - Public Database Directory - Public DB Host
- Penetration Testing Methodology - 0DAYsecurity.com
- Recon Video List
- Find email addresses in seconds • Hunter (Email Hunter)
- A Pentester's Guide - Part 1 (OSINT - Passive Recon and Discovery of Assets) | Sequoia
- We Leak Info - Data Breach Search Engine
- Tib3rius/AutoRecon: AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
- Shodan Pentesting Guide – TurgenSec Community
- WHOIS | DomainTools | Cyber Threat Intelligence | Threat Investigation Platform
2. Vulnerability Assessment
- Vulnerability-Assessment Resources
- OpenVAS - OpenVAS - Open Vulnerability Assessment System
- Nessus Professional™ Vulnerability Scanner
3. Exploitation
- Exploitation Tools and Resources
- Empire Cheat Sheet
- LocalFileIncludes Cheat Sheet
- Local File Inclusion (LFI) [Definitive Guide] - Aptive
- PowerSploit Cheat Sheet
- PowerView-2.0 tips and tricks
- PowerView-3.0 tips and tricks
- PHP htaccess injection cheat sheet
- Reverse Shell Cheat Sheet
- SQL Injection Cheat Sheet
- SQLite3 Injection Cheat Sheet
- A collection of web attack payloads.
- Useful payloads and bypass for Web App
- unicorn: PowerShell downgrade attack and inject shellcode straight into memory
4. Post Exploitation
Hack Back
- BusyBox
- Nmap: the Network Mapper - Free Security Scanner
- Responder: A LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
- Static-python: A fork of cpython that supports building a static interpreter and true standalone executables
- TCPDUMP/LIBPCAP public repository
- dsniff - For sniffing passwords from plaintext protocols like ftp, and for arpspoofing
- socat - networking swiss army knife
- Screen - GNU Project - Free Software Foundation
- SOCKS Proxy Server - Simple socks5 server in C++
- tgcd - For forwarding ports, like for the SOCKS server, through the firewall - TCP/IP Gender Changer Daemon
- Mimikatz: A little tool to play with Windows security
- Samba - opening windows to a wider world
- ProxyChains - TCP and DNS through proxy server. HTTP and SOCKS
- GitHub - Neohapsis/creddump7
- Understanding Windows Lateral Movements
- Understanding_Windows_Lateral_Movements_2023.pdf
- Lateral Movement Stuff
- Post-Exploitation Resources (Windows)
- rebootuser/LinEnum: Scripted Local Linux Enumeration & Privilege Escalation Checks
- Post-Exploitation - NYU Poly 2011
- Transferring files from Kali to Windows (post exploitation)
- PowerSploit - A PowerShell Post-Exploitation Framework
- Empire: A PowerShell and Python post-exploitation agent.
- Persistence Stuff
- enum4Linux: is a Linux alternative to enum.exe
- enum4linux Cheat Sheet
- PwnWiki.io - TTPs (tools, tactics, and procedures) for what to do after access has been gained
- Gaining Access Video List
5. Privilege Escalation
Linux Privesc
- Basic Linux Privilege Escalation
- Linux_Exploit_Suggester: Linux Exploit Suggester; based on operating system release number
- Linux-exploit-suggester-2: Next-Generation Linux Kernel Exploit Suggester
- Checksec.sh - Check Securities on a file
- Linux Privilege Escalation via Automated Script
- A guide to Linux Privilege Escalation - payatu
- Abusing SUDO (Linux Privilege Escalation)
- Editing /etc/passwd File for Privilege Escalation
- Linuxprivchecker Script
- Linux Privilege Escalation Using PATH Variable
- Linux Privilege Escalation using Misconfigured NFS
- Linux Privilege Escalation via Dynamically Linked Shared Object Library | Context Information Security EN
- Local Linux Enumeration & Privilege Escalation Cheatsheet – Rebootuser
- Privilege Escalation on Linux with Live examples
- 4 Ways to get Linux Privilege Escalation
- Linux Privilege Escalation by Exploiting Cronjobs
- Privilege Escalation - Linux · pentestbook
- Linux elevation of privileges
- TryHackMe | Linux PrivEsc
- Linux privesc 23 years old | https://lcamtuf.coredump.cx/soft/ld-expl
Windows Privesc
- PowerSploit
- PowerUp Cheat Sheet
- Windows-Exploit-Suggester
- Sherlock: PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
- WindowsExploits
- Windows-kernel-exploits
- Metasploit Framework
- Well, That Escalated Quickly… – To Shell And Back: Adventures In Pentesting
- OSCP - Windows Priviledge Escalation
- Privilege-Escalation Scripts
- Checklists-Windows-Privilege-Escalation
- Windows Privilege Escalation Fundamentals
- Windows Privilege Escalation Guide
- Windows Privilege Escalation Methods for Pentesters – Pentest Blog
- A Virgil's Guide to Pentest: Escalation Time
- BeRoot For Windows – Privilege Escalation Project – Haxf4rall
- Elevating privileges by exploiting weak folder permissions | GreyHatHacker.NET
- Windows Priv Esc Stuff
- icebreaker - Priv Escalation - Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
- Windows elevation of privileges
- OneTab shared tabs
- FuzzySecurity | Windows Privilege Escalation Fundamentals
- Windows Privilege Escalation for OSCP & Beyond! | Udemy
- TryHackMe | Windows PrivEsc
- Windows checksec equivalent · GitHub
- Windows / Linux Local Privilege Escalation Workshop
- rebootuser/LinEnum: Scripted Local Linux Enumeration & Privilege Escalation Checks
- sqlmap-cheatsheet
- SQLMap Tamper Scripts (SQL Injection and WAF bypass)
- Privilege Escalation Video List
- Recipe for Root – Your Cookbook for Privilege Escalation
- Privilege Escalation Cheatsheet (Vulnhub)
- Ignitetechnologies/Privilege-Escalation: This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
- LOLBAS
- Access Control, XSS, and Priv Esc Mind-Maps
- GTFOBins - Linux Binaries Exploited for Priv Esc
6. Reporting
- Reporting - The Penetration Testing Execution Standard
- sample-penetration-testing-report.pdf
- Curated list of public penetration test reports
- Cure53 – Fine penetration tests for fine websites
Active Directory
- Active Directory Pentest Mindmap | pentest_ad.png
- Introducing BloodHound
- My First Go with BloodHound | Strategic Cyber LLC
- BloodHoundAD - reveal the hidden and often unintended relationships within an Active Directory environment
- Active Directory Pentesting Archives - ScriptDotSh
- Active Directory Security – Active Directory & Enterprise Security, Methods to Secure Active Directory, Attack Methods & Effective Defenses, PowerShell, Tech Notes, & Geek Trivia…
- Top Five Ways I Got Domain Admin on Your Internal Network before Lunch (2018 Edition)
- harmj0y – security at the misfortune of others
- root@Hausec – The diary of an infosec forever-noob
- dirkjanm.io
- Top Five Ways I gained access to Your Corporate Wireless Network (Lo0tBo0ty KARMA edition)
- Windows & Active Directory Exploitation Cheat Sheet and Command Reference :: Cas van Cooten — I ramble about security stuff, mostly
- Integration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
- Attacking Active Directory: 0 to 0.9 | zer1t0
- From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure · GitHub
Credential Cracking and Brute Forcing
Password Lists
- Recent 1.4 billion password breach compilation as wordlist : netsec
- philipperemy/tensorflow-1.4-billion-password-analysis: Deep Learning model to analyze a large corpus of clear text passwords.
- JohnTheRipper
- hashcat - advanced password recovery
- THC Hydra - brute force crack a remote authentication service
- Credential Access Stuff
- Patator: is a multi-purpose brute-forcer
- Ophcrack - Windows Password Cracker
- Nozzlr: Multithreaded Brute Forcer
- Decrypt Google Chrome / Chromium passwords and credit cards on macOS / OS X.
- Chrome Password Decryptor : Free Tool to Recover Lost or Forgotten Website Password from Google Chrome Browser
- How to Grab All the Passwords « Null Byte :: WonderHowTo
- Password Lists and Tools - SkullSecurity
Web App Security
Books
- The Browser Hacker's Handbook
- The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Burp
- Burp Intro
- 0x2 Exploit Tutorial: Web Hacking with Burp Suite
- Web Security Academy
XSS
- webGun - XSS Payload Build Tool
- Unleashing an Ultimate XSS Polyglot · 0xSobky/HackVault Wiki
- XSS Polyglot Challenge
- Browser's XSS Filter Bypass Cheat Sheet · masatokinugawa/filterbypass Wiki
- 0×1 Exploit Tutorial: XSS
- XSS Payloads
- unescape() room
- $10k host header - Test
- Hacking APIs | No Starch Press
- Web Security · isislab/Project-Ideas Wiki
- RPISEC INTROSEC
- Web Security - Webgoat
- zseano | UK Security Researcher
- High Performance Web Brute-Forcing 🕸🐏 – hiburn8
- The Bug Hunter’s Methodology 2.0 – Jason Haddix
- The Bug Hunters Methodology
- Web Hacking Tools List
- A list of web application security resources
- A curated list of Web Security materials and resources.
- ZAP - Zed Attack Proxy Project
- Samurai 3.0 Branch - Web Pen Testing VM
- Samurai - Course -Web Pen-testing VM
- OWASP Juice Shop Project - Web Pen Testing Challenge
- Vulnerable Web Applications Directory
- OWASP-Testing-Checklist: OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
- OWASP-Testing-Guide-v4.pdf
- HackerOne Vulnerability Reports
- Web App and Pen-testing | Nahamsec
- Bugcrowd University | Bugcrowd
- Useful payloads and bypass for Web App
- WebSploit Labs - by Omar Santos
- AWAE/OSWE PREP (Code analysis to gaining rce and automating everything with Python) | Sarthak Saini
- CHYbeta/Web-Security-Learning: Web-Security-Learning
- GitHub - awesome-selfhosted/awesome-selfhosted: A list of Free Software network services and web applications which can be hosted on your own servers
- Vickie Li's Security Blog
- XSS in the AWS Console
- devanshbatham/Vulnerabilities-Unmasked: This repo tries to explain complex security vulnerabilities in simple terms that even a five-year-old can understand!
Lock Picking
- A curated list of guides, tools, and other resources related to the security and compromise of locks, safes, and keys.
- Lock Picking Books
- Super Bump Key Set
Social Engineering
- A curated list of social engineering resources
- Geotweet_GUI: Social engineering tool
- Social Engineering Books
Wireless Pentesting
- cracking_wpa [Aircrack-ng]
- Targeted WPA2-Enterprise Evil Twin Attacks: eaphammer
- Understand and Cracking WPA/WPA2(Enterprise) · Teck_k2
Bug Bounties
Sony
- domain | ip ----- - Pastebin.com
Dyson
- "brokerbridge.cpsi.dyson.com" "63.33.1.137" "brokerbridge.cp.dyson.com" "18.200 - Pastebin.com
Netflix
- "push.prod.netflix.com" "54.194.214.60" "push.prod.netflix.com" "52.24.44.164" - Pastebin.com
Starbucks
- "scoapportal.starbucks.com" "52.221.80.68" "joinus.starbucks.com" "34.196.9.70" - Pastebin.com
Tesla
- "hermes-eng.sc.tesla.services" "52.24.173.111" "hermes-stream-dev.vn.tesla.serv - Pastebin.com
- Zero-day in Sign in with Apple
Blue Team/DFIR/SOC/Threat Hunting/Threat Intelligence
Cyber Threat Intel/APT Stuff
Cyber Threat Intelligence (CTI)
- A Cyber Threat Intelligence Self-Study Plan: Part 1 | by Katie Nickels | Katie’s Five Cents | Medium
- A Cyber Threat Intelligence Self-Study Plan: Part 2 | by Katie Nickels | Katie’s Five Cents | Medium
- A curated list of Threat Intelligence resources
- List of Threat Intelligence Stuff
- RiskIQ | historic information about the IP addresses to which a website resolved over time
- Open Threat Exchange - More Details on hostnames
- Shodan
- The IO Offensive: Information Operations Surrounding the Russian Invasion of Ukraine | Mandiant
- Twisted Panda: Chinese APT espionage operation against Russian’s state-owned defense institutes - Check Point Research
- Welcome to the Cyber Analytics Repository | MITRE Cyber Analytics Repository
- Introducing the Mandiant Cyber Threat Intelligence (CTI) Analyst Core Competencies Framework | Mandiant
- China targeted Pentagon rare earth contractor with disinformation campaign - Washington Times
- Brute Ratel C4 Red Teaming Tool Being Abused by Malicious Actors
- "Highly recommend using Shodan/filters to track/hunt adversaries' infrastructure and C2 Cobalt Strike https://t.co/U4aMMpgk9a MSF https://t.co/lXqDNWlLYI Covenant https://t.co/8bRaNunnrs Mythic https://t.co/N0omDCKY1c Brute Ratel C4 https://t.co/2zHuuDT4nk https://t.co/8hx7SNxqXY" / Twitter
- Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
- Threat Intelligence - Pulsedive
- The short guide for the Freeloader freeloader Threat Intelligence Analyst and Malware Researcher
- Visual Threat Intelligence
- Threat Intel | Spyware vendors use 0-days and n-days against popular platforms
- Threat Intel | Russia’s Cyber Operations Groups | xorl %eax, %eax
- Threat Intel | Analysis of Amadey Bot Infrastructure Using Shodan
- Threat Intel | Identify additional C2 servers
- A Peek Behind the Curtain: Examining the Dimensions of a National-level Cyber Program | Mandiant
- SIM Swapping and Abuse of the Microsoft Azure Serial Console: Serial Is Part of a Well Balanced Attack | Mandiant
APT Stuff
- Advanced Persistent Threat | Azeria Labs
- 1 - Reconnaissance | Azeria Labs
- 2 - Initial Compromise | Azeria Labs
- 3 - Persistence | Azeria Labs
- 4 - Command and Control | Azeria Labs
- 5 - Privilege Escalation | Azeria Labs
- 6 - Lateral Movement | Azeria Labs
- 7 - Asset Discovery | Azeria Labs
- 8 - Data Exfiltration | Azeria Labs
- Threat Actor Name Transition Over Time Chart | ransomware_map/OCD_WorldWatch_Ransomware-ecosystem-map.pdf at main · cert-orangecyberdefense/ransomware_map · GitHub
- Useful reference point for anyone in threat intel
- Decrypting APT33's Dropshot Malware with Radare2 and Cutter – Part 1 – Megabeets
- Vicious Panda: The COVID Campaign - Check Point Research
- [Report] Double Dragon: APT41, a Dual Espionage and Cyber Crime Operation
- This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits | FireEye Inc
- Groups | MITRE ATT&CK®
- BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech
- vx-underground - Directory
- FinSpy: unseen findings | Securelist
- FIN13: A Cybercriminal Threat Actor Focused on Mexico | Mandiant
- new obfuscation technique used by Red Dev 10
- New Chinese APT Obfuscation Methods: Chasing Shadows - PwC UK
- Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments | Mandiant
- Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Old dog, new tricks - Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox
- APT Encounters of the Third Kind - Igor’s Blog
- APTs & Adversary Groups List - Malware & Ransomware | Crowdstrike Adversary Universe
- MITRE ATT&CK Defender (MAD) ATT&CK Cyber Threat Intelligence Certification Training Course | Cybrary
- CyCraft Classroom: MITRE ATT&CK vs. Cyber Kill Chain vs. Diamond Model | by CyCraft Technology Corp | CyCraft | Medium
- Cyber Intelligence Report - Weekly Awareness Report - Threat Intelligence
- The CTI Schoolhouse
- CHINESE INFLUENCE OPERATIONS
Threat Hunting and Detection
- Threat Hunting Methodologies
- mandiant/thiri-notebook: The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
- Paul Masek on Twitter: "#DetectionEngineering #ThreatHunting Huge List O' Resources Incoming \/ \/ \/ SIEM Rulesets (all open and free): @MITREcorp CAR - https://t.co/mwC8TUqCf6 @splunk - https://t.co/9l4l1kKeCz @elastic - https://t.co/rLmqeBioHF @sigma_hq - https://t.co/HRwWX9dr4I 👇🧵" / Twitter
- Detection: Challenging Paradigms
- THREAT HUNTING WITH BRO - Cybersecurity Insiders
- Snort Project 15 for CNIT 120
- Threat Hunting with VirusTotal ~ VirusTotal Blog
- Public S3 Buckets by GrayhatWarfare
- The difference between signature-based and behavioural detections | S3cur3Th1sSh1t
SOC & Network Security/Forensics Stuff
Malware Traffic Analysis
- malware-traffic-analysis.net
- Malware-Traffic-Analysis.net - Traffic Analysis Exercises
- Malware-Traffic-Analysis.net
Network Analysis/Monitoring/Hacking
Netcat
- Hacking with Netcat part 1: The Basics - Hacking Tutorials
Wireshark
- Wireshark_Display_Filters
- Termshark • A terminal UI for tshark, inspired by Wireshark
- PCAP Practice - Malware-Traffic-Analysis.net
- Public PCAP files for download
Wireless
- Aircrack-ng - Wireless Pen Testing
- Kismet Wireless Detector
- WiFiJammer - Continuously jam all wifi clients/routers
- 20 Popular Wireless Hacking Tools [updated for 2017]
- How To Hack WiFi: The Ultimate Guide (2019) - CyberX
Man In The Middle (MITM)
- Bettercap 2.0 - MITM Tool
OSWP
- My experience with OSWP/WiFu v3.2 - ScriptDotSh
- Network Security · isislab/Project-Ideas Wiki
- Scapy: packet manipulation program & library
- RPISEC INTROSEC
- Online IP CIDR / VLSM Supernet Calculator
- TCPDUMP/LIBPCAP public repository
- GitHub - defuse/sockstress: Sockstress (TCP DoS) implementation.
- OSI model - Wikipedia
- Moloch - PCAP tool
- Networking - YouTube
Proxies
- A Fresh Look On Reverse Proxy Related Attacks | Acunetix
- GrrrDog/weird_proxies: Reverse proxies cheatsheet
- MITRE ATT&CK framework - Google Search
- Netflow - Google Search
- The Attackers Life cycle - Google Search
- SQL Injection - Google Search
- OWASP Top 10 - Google Search
- The Cyber kill chain - Google Search
- TCP/IP - Google Search
- Diamond model of intrusion analysis - Google Search
- Free Splunk For Military Vets
- Web Proxy Event Analysis Cheat Sheet - Nextron Systems
- Antivirus Event Analysis Cheat Sheet v1.10.0 - Nextron Systems
- Blog - Nextron Systems
- Network Forensics, Wireshark Basics, Part 1
- Network Tools: DNS,IP,Email | All of your MX record, DNS, blacklist and SMTP diagnostics in one integrated tool.
- Useful for analyzing Windows Event Logs | DeepBlueCLI
Memory/Digital Forensics & Incident Response
Challenges
- Digital Forensic Challenge Images (Datasets)
Linux Specific
- Linux Forensics | LinuxForensics
Mobile Phone Specific DFIR
- Smarter Forensics | It's time to get SMARTER!
- meirwah/awesome-incident-response: A curated list of tools for incident response
- 19: Intro to Memory Forensics | COMPSCI 590F | Advanced Digital Forensics (Spring 2019)
- Volatility Plugin Contest 2020 (Volatility 3)
- Command Reference · volatilityfoundation/volatility Wiki
- Linux Command Reference · volatilityfoundation/volatility Wiki
- File Signature Database:
- Classwork for Digital Forensics from Beginner to Expert DFIR
- SANS Digital Forensics and Incident Response | DFIR Courses | SANS
- 13Cubed - YouTube
- Good Forensics Stuff - 13Cubed - YouTube
- Digital Forensics and Incident Response Cheatsheet
- Home - DFIR - The Definitive Compendium Project
- DFIR Crash Course - Case 001 - The Stolen Szechuan Sauce - DFIR Madness
Other Blue Team Things
- Operation-Chimera | SecurityBlue.Team
- Cyber Security Blue Team
- Blue Teams Academy - Free Training 2021
- Cybersecurity Advisories & Guidance
- CTR_Kubernetes_Hardening_Guidance_1.1_20220315.PDF
- Use attack surface reduction rules to prevent malware infection | Microsoft Docs
- Software Assurance Reference Dataset
- Cyber Defense Presentation - SANS Institute
- Using IIS logs for fun and malware profit! | DFIR Journal
Courses/Trainings
- Advanced Network Forensics Course | Threat Hunting & Incident Response | SANS FOR572
- CyberDefenders: Blue Team CTF Challenges
- CMSC 491/791 Active Cyber Defense
- Applied Network Defense | good cheap blue team courses
Books
- The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
Tools
- The Sleuth Kit (TSK) & Autopsy: Open Source Digital Forensics Tools
- TheresAFewConors/Sooty: The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
- FTK Imager Version 4.5 | AccessData
- BloodHound-Tools/Ransomulator at main · zeronetworks/BloodHound-Tools · GitHub
- A curated list of awesome forensic analysis tools and resources
- www.amanhardikar.com/mindmaps/ForensicChallenges.html
ICS/SCADA/OT
Courses
- Cyber-Physical Systems Security
- Cyber-Physical Systems Design & Analysis
- Resource list – Robert M. Lee
- A Collection of Resources for Getting Started in ICS/SCADA Cybersecurity – Robert M. Lee
- Good ICS Tools | ITI/ICS-Security-Tools: Tools, tips, tricks, and more for exploring ICS Security.
DevOps/DevSecOps/Networking/IT
DevOps/DevSecOps & IT Stuff
Kubernetes
- Certified Kubernetes Administrator (CKA) Practice Exam Tests | Udemy
- Awesome kubernetes course | KodeKloud Training | Hands-On Online Training Academy | Udemy
- "Kubernetes Cookbook" - Designing Distributed Systems: Patterns and Paradigms for Scalable, Reliable Services: Burns, Brendan
CI/CD
- CI/CD Stuff | dagger.io
DevOps Specific
- DevOps First - The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win: Kim, Gene, Behr, Kevin, Spafford, George: 8601404253799: Amazon.com: Books
- DevOps 2nd (More How To) - The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations: Kim, Gene, Debois, Patrick, Willis, John, Humble, Jez, Allspaw, John: 9781942788003: Amazon.com: Books
- Pre DevOps - The Unicorn Project: A Novel about Developers, Digital Disruption, and Thriving in the Age of Data eBook: Kim, Gene: Kindle Store
DevSecOps
- DevSecOps Personal Learning Goal (TBD)
- Linux Security Checklist: 15 Best Practices for Hardening Linux Systems
- Cheat Sheets - PacketLife.net
- How Does the Internet Work?
- Intro Computer Networks Resources
- Computer Networking (CN) · OMSCS Notes
- The TCP/IP Guide - The TCP/IP Guide
- What happens when you type a URL into a browser and hit enter
- Visual guide to SSH tunnels
- Computer Networks (CIS 345) - YouTube
CTF Focused Things
Getting Started
- CTF Beginner notes
- How to Get Started in CTF | ENDGAME
- Introduction | CTF Field Guide
- [WeChall] Participating Challenge Sites
- firmianay/CTF-All-In-One: The Definitive Guide to CTF Competitions
CTFs To Play/Learn From
Hack A Sat
- Satellite Hacking Demystified(RTC0007) | RedTeamRecipe
- GitHub - solar-wine/writeups: Hack-A-Sat Qualifiers Writeups
- Players’ Corner – HACK-A-SAT 4
- CTFtime.org / All about CTF (Capture The Flag)
- Welcome | OOO archive | DEF CON CTF
- The SANS Holiday Hack Challenge: Past Challenges
- picoCTF - CMU Cybersecurity Competition
- defcon-challenges-vm
- Hacker101 CTF
- ctf4u
- CTF Challenges + Source
- GitHub - shellphish/ictf-2020-challs-public
- Virtual Capture-the-Flag Cyber Challenges | SANS Institute
- How to play GitLab's Capture the Flag at home | GitLab
- google/google-ctf: Google CTF
- SANS Cyber Ranges | SANS Institute
Twitch Streams and Videos To Learn From
- Play CTF! A Great Way to Learn Hacking - Fsec 2017 - YouTube
- KevOrr/ctf-training
- livectf - Twitch
- GynvaelEN - YouTube
- Murmus CTF - YouTube
- LiveOverflow - Awesome to learn Computer Security
- How Ethereum Smart Contract Hacking Looks Like - YouTube
Good Challenge Writeups To Learn From
- Myne-us: From 0x90 to 0x4c454554, a journey into exploitation.
- writeups/icectf-2016 at master · WCSC/writeups · GitHub
- CTFtime.org / IceCTF 2016 tasks and writeups
- Hackover CTF 2015 – easy-shell - Writeup - f00ls bl0g
- Google CTF 2017 Quals Write-up Winners - Google Drive
- Notes - gynvael.coldwind//vx
- Blizzard CTF 2017 – The LichKing Reverse Engineering challenge walkthrough | Shortjump!
- Zero Day Initiative — Testing for Truthiness: Exploiting Improper Checks
- How To Hack - Episode 2: Use-After-Free Triple Bounce - YouTube
- PlaidCTF Write-up: Shop
- Building up from the Ethereum Bytecode | Ret2 Systems Blog
- DEF CON® 26 Hacking Conference News
- RPISEC Blog
- CTFs
- CSAW CTF 2015 - Alexander Taylor – OSIRIS Lab at NYU SOE
- Practical case: Secura Grand Slam CTF “Easy Reverse” – Max Kersten
- Capture the Flag Challenges
- GitHub - antihorsey/ctf-writeups: Writeups of problems from past CTFs
- write-ups-2015/seccon-quals-ctf-2015/stegano/steganography-2 at master · ctfs/write-ups-2015
- How to Read JPG Height and Width from Binary/Hex data?
- ctf-writeups/babypwn.md at master · VulnHub/ctf-writeups · GitHub
- ctf-writeups/rop2libc.md at master · VulnHub/ctf-writeups · GitHub
- ctf-challenges/pwn/stackoverflow/ret2libc at master · ctf-wiki/ctf-challenges · GitHub
- 33C3 CTF 2016 -- ESPR « Hacking Tube
- write-ups-2016/hackcon-ctf-2016/pwn/easiest-pwn-not-250 at master · ctfs/write-ups-2016
- google-ctf - solutions
- csaw-ctf-2014 - S3 writeup
- ctfs - write-ups-2014
- Metasploit Community CTF 2018: 2 of Diamonds Write-Up
- Metasploit Community CTF 2018
- 50M_CTF_Writeup/README.md at master · manoelt/50M_CTF_Writeup
- CTFtime.org / Google Capture The Flag 2017 (Quals) tasks and writeups
- Flare-on 6 2019 Writeups
- Google CTF 2019 Write-Up - HackMD
- Enigma 2017 Crackme 0 Writeup
- perfectblue/ctf-writeups: Perfect Blue's CTF Writeups
- Uploooadit Author Walkthrough: DEF CON 28 CTF Quals by Order of the Overflow (OOO) - YouTube
- Order of the Overflow · GitHub
- Hardware Hacking Foscam
- GitHub - A-0-E/writeups: Write-ups from A*0*E.
- Dragon CTF 2020 - BitmapManager
- pbctf-2020-challs/rev at master · perfectblue/pbctf-2020-challs
- luker983/nsa-codebreaker-2020: My solutions to the 2020 NSA Codebreaker Challenge
- p4-team/ctf: Ctf solutions from p4 team
- VulnHub/ctf-writeups: CTF write-ups from the VulnHub CTF Team
- sixstars/ctf: A writeup summary for CTF competitions, problems.
- perfectblue/ctf-writeups · GitHub
- A Survey of Capture the Flag Write-ups | RTX CODEX Cyber Blog
- SANS CTF: FE06 writeup
- SANS Community CTF Aug 13–15. Strategy and solutions to how I tackled… | by Catherine Chamnankool | Medium
- SMC3 CTF
- SMC3 · Addison Crump
- jselliott/CyberFastTrack_SP2020: A collection of writeups and solutions for the Cyber FastTrack Spring 2020 CTF
- Navigate obfuscated JS with Chrome Dev Tools: DEFCON 29 CTF Qualifier: 3FACTOOORX Write-up | Brett Buerhaus
Tools to Use
- zardus/ctf-tools - Some useful tools for various challenges
- INTROSEC - Useful tools for various challenges
- Pip installation
- Online Decoder For Esolangs
- Awesome CTF | awesome-ctf
- Hashes.org - Home
- Online PCAP Analyzer
- mattnotmax/cyberchef-recipes: A list of cyber-chef recipes and curated links
- Binwalk: Firmware Analysis Tool (forensic) - Extracts Hidden Files
- Cisco Type 4 to SHA256 - TobTu
Crypto
RSA
- nccgroup/featherduster: An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
- drakes00/featherduster: An automated, modular cryptanalysis tool
- factordb.com
- RSA Stuff for CTFs
- CTFtime.org / ABCTF 2016 / Sexy RSA (Cryptography) / Writeup
- How to solve RSA Crypto Challenges in CTF'S..! - AmazingTricks
- Traditional Ciphers
- Some basic RSA challenges in CTF — Part 1: Some basic math on RSA | by An Hoang | Medium
- zweisamkeit/RSHack: RSHack - Tool for RSA CTF's challenges
Good Practice Challenges + Writeups
Writeups
- Number Guessing Crypto CTF Challenge | LCG - Linear Congruential Generator | [Crypto] VolgaCtf2019 - LG | TeamRocketIST - Portuguese CTF Team
Crypto Pals
- Good Practice Crypto Challenges - Cryptopals
- Announcing NCC Group’s Cryptopals Guided Tour! – NCC Group Research
- Announcing NCC Group’s Cryptopals Guided Tour: Set 2 – NCC Group Research
- CryptoHack – A fun, free platform for learning cryptography
- Some inactive CTF challenge : codes
- CNMF-Puzzles/2023-04-Math-Awareness-Month at main · CNMF-Puzzles/CNMF-Puzzles · GitHub
- CyberChef
- quipqiup - Awesome Crypto Solver
- dCode - Solvers, Crypto, Maths, Decoding, Online Tools
- Crypto Tools
- Base64 Decode and Encode - Online
- Cipher Tools
- Ook! - Esolang
- The Enigma machine: Encrypt and decrypt online — Cryptii
- rot13.com
- Awesome Frequency Analysis Tool
- Skipjack Decoder
- MD5 Cracker Page - Over 312.072 billion cracked MD5 hashes - HashKiller.co.uk
- SHA1 Cracker Page - Over 312.072 billion cracked SHA1 hashes - HashKiller.co.uk
- PBKDF2 Derive Key Online
- Classic modes of operation for symmetric block ciphers — PyCryptodome 3.15.0 documentation
Exploitation/PWN
IntegerOverflow
- What Is Integer Overflow | Acunetix
- Wolfram|Alpha Widgets: "divisibility checker" - Free Education Widget
Challenges/Wargames
- Ret2 WarGames
- Deus x64 - WarGames
- pwnable.kr - various pwn challenges regarding system exploitation
- pwnable.tw - wargame site for hackers to test and expand their binary exploiting skills.
- Ret2: Deus x64 - a series of increasingly difficult computer security challenges
- Security Training Reimagined | RET2 WarGames
- Welcome to pwn.college! | pwn.college
- 0xbadc0ded - Old Pwnable Challenges
- 35C3 Junior CTF pwnables
- Exploitation Practice: An archive of low-level CTF challenges developed over the years
Tools
- ROPgadget
- shell-storm | ROPgadget - Gadgets finder and auto-roper
- shell-storm | Shellcodes Database
- sashs/Ropper: Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC). For disassembly ropper uses the awesome Capstone Framework.
- qira - timeless debugger
- Libformatstr: Simplify format string exploitation.
- GitHub - Gallopsled/pwntools: CTF framework and exploit development library
- hugsy/gef: GEF - GDB Enhanced Features for exploit devs & reversers
- Playing with rasm2 (for shellcoding)
- preeny: helpful preload libraries for pwning stuff.
- Shellcode Encoder | EgeBalci/sgn: Shikata ga nai (仕方がない) encoder ported into go with several improvements
- Rasm2 · Radare2 Book (for shellcoding)
- Introduction to Binary Exploitation
- Kernel Exploitation CTF Challenge
- defcon-ctf-2020/biooosless
- GT Binary Exploitation Tutorials | Tut00: Introduction - CS6265: Information Security Lab
Reversing/Binary Analysis
- Ghidra
- Boomerang Decompiler - Decompile x86 binaries to C
- Angr: binary analysis platform!
- Jadx: Dex to Java decompiler (Android)
- Java decompiler online
- Krakatau: Java decompiler, assembler, and disassembler
- Pin - A Dynamic Binary Instrumentation Tool | Intel® Software
- Uncompyle: Python decompiler
- Z3: The Z3 Theorem Prover
- Getting Started with Z3
- binary.ninja : a reverse engineering platform
- IDA Sig Database (FLIRT)
- GCC and MSVC C++ Demangler
- gcore(1) - Linux manual page
- geohot/qira: QEMU Interactive Runtime Analyser (timeless debugger)
- systems of equations calculator - Wolfram|Alpha
Shared Library (.so)
- Dynamically Loaded (DL) Libraries
- CTFtime.org / Insomni'hack 2018 / guessflag / Writeup
- Reverse engineering the HITB binary 100 CTF challenge – Cedric's Cruft
- Shared Libraries
- Shared libraries with GCC on Linux - Cprogramming.com
- Dynamic libraries in C: creating something on what the others will rely.
- Shared Library Mini-Tutorial
Memory Forensics
- Dnscat - SkullSecurity
- Audacity - Audio Files
- ExifTool - Read Write and Edit Meta Info
- Foremost - File Recovery
- fsck - Fix Broken File Systems
- NetworkMiner - Network Forensics Analysis Tool ⛏
- Dump file analyzer - Memory Extraction
- Autopsy Tool
- Memory Analysis with Volatility Analyzing a RAM Image with Volatility (15 Points)
- Volatility & Memory-Forensics-Cheat-Sheet-v1_2.pdf
- volatility-memory-forensics-cheat-sheet.pdf
- cdminigun/Sharpturn: CSAW Forensics 400 Question: Sharpturn
- F01 | Hamza Butt
Steganography
- ImageMagick
- Exif - shows EXIF information in JPEG files
- exiftool: Read/write meta info in files
- Exiv2 - Image metadata library and tools
- outguess - universal tool
- SmartDeblur: Restoration of defocused and blurred photos/images
- stegbreak - brute force dictionary on JPEG
- StegCracker: Steganography brute-force utility to uncover hidden data inside files
- stegextract: Detect hidden files and text in images
- Steghide
- Digital Invisible Ink Toolkit
- Steganography - A list of useful tools and resources | 0xRick Owned Root !
- CTF Tidbits: Part 1 — Steganography - FourOctets - Medium
- T9 Predictive Text Input Emulator
- zsteg: detect stegano-hidden data in PNG & BMP
- Aperi'Solve - stego solver
- Data concealment using steganography | by David Artykov | Purple Team | Medium
- Basic Steganography and PNG Files | Shane Reilly
- Stego Tricks - HackTricks
- Compare & find Differences in two Image Files
Web Challenges
- Metasploit | Penetration Testing Software, Pen Testing Security | Metasploit
- Burp Suite for Web Challenges (cookies)
- example_hashes [hashcat wiki]
- Postman
- Useful payloads and bypass for Web App
- SSH Brute Force | SSH Password Testing With Hydra on Kali Linux - LinuxConfig.org
- Find VM IP | netdiscover: netdiscover
- Offline Password Cracking · CTF
CTF Hosting
- o-o-overflow/dcf-game-infrastructure-public: Contains all the components necessary to run a DC finals (attack-defense CTF) game from OOO.
- zaratec/miniCTF-platform: Modded picoCTF platform for MiniCTF
- CTF Design Guidelines
VM's/Virtualization, Home Lab, Cloud Stuff
Console Virtualization
- How to Build Your Own Mini SNES
- How to Build a Raspberry Pi Retro Game Console
- RPCS3 - PlayStation 3 Emulator
Home Lab Stuff (VM's, Hardware, RPi)
Raspberry Pi Things
Raspberry Pi VPN
- OpenVPN - Debian Wiki
- GitHub - adrianmihalko/raspberrypiwireguard: Install and configure WireGuard on Raspberry Pi (and others)
- PiVPN: Simplest setup of OpenVPN
- trailofbits/algo: Set up a personal IPSEC VPN in the cloud
bitcamp
- ARM/RaspberryPi - Ubuntu Wiki
- Downloads :: Andrew Griffiths' Exploit Education
- OpenSSH Server
- virtualbox - Is it possible to “SSH” into my virtual machine remotely? - Ask Ubuntu
- image - How can I convert a .img.xz file to .img to transfer it to my SDCard? - Raspberry Pi Stack Exchange
- Installing operating system images - Raspberry Pi Documentation
- ethernet - Multiple Simultaneous SSH Connections - Raspberry Pi Stack Exchange
- SSH (Secure Shell) - Raspberry Pi Documentation
- linux - Find out how much SSH-connections currently exist - Stack Overflow
- Protect SSH Logins with SSH & MOTD Banner Messages
- Ubuntu Linux Change Hostname (computer name) - nixCraft
- How to install Ubuntu on the Raspberry Pi | TechRadar
- command to find the SD card
- How To Install And Configure QEMU In Ubuntu | Unixmen
- Run another OS on your RPi3 as a virtualized QEMU guest under KVM (64-bit) - Raspberry Pi Forums
- QEMU/Images - Wikibooks, open books for an open world
- What to do with a Raspberry Pi? : netsecstudents
- dokuwiki [DokuWiki]
- Pi-hole®: A black hole for Internet advertisements – curl -sSL https://install.pi-hole.net | bash
- The Only Raspberry Pi 3 Kodi Tutorial You Will Ever Need
- LibreELEC – Just enough OS for KODI
- RPi-youtube, smooth youtube videos on Chromium - Raspberry Pi Forums
- How to Enable HDMI-CEC on Your TV, and Why You Should
- HookTube
- Puffin Internet Terminal - Turning a tiny Raspberry Pi into a high-end PC
- cloudflared - Google Search
- pfsense - Google Search
- Security-Onion-Solutions/security-onion: Linux distro for intrusion detection, enterprise security monitoring, and log management
- AdguardTeam/AdGuardHome: Network-wide ads & trackers blocking DNS server
- AdGuard — World's most advanced adblocker!
- Hass.io - Home Assistant
- RPi 4 Ubuntu and No Network functionility - Raspberry Pi Forums
- Raspberry Pi-4/8GB firmware upgrade over UBUNTU - Raspberry Pi Forums
- rpi-eeprom/release-notes.md at master · raspberrypi/rpi-eeprom · GitHub
- GitHub - raspberrypi/userland: Source code for ARM side libraries for interfacing to Raspberry Pi GPU.
- GitHub - raspberrypi/rpi-eeprom: Installation scripts and binaries for the closed sourced Raspberry Pi 4 EEPROMs
- Raspberry Pi-4 firmware upgrade (eeprom), over UBUNTU 20.04 - Ask Ubuntu
- Raspberry Pi Can Detect Malware By Scanning for EM Waves
Hardware
- Intel® Xeon® Processor E5-2670 (20M Cache, 2.60 GHz, 8.00 GT/s Intel® QPI) Product Specifications
- ASRock EP2C602-4L/D16 SSI EEB Server Motherboard Dual LGA 2011 Intel C602 DDR3 1866 / 1600 / 1333 / 1066 R / LR ECC and UDIMM - Newegg.com
- SR0KX E5-2670 Xeon Intel 8 Core 2.60Ghz 20M 115W CPU /w Thermal - 670523-001 | eBay
- Amazon.com: Intel E5-2670 2.60Ghz 20M Cache 8-Core 115W Processor SR0KX: Computers & Accessories
- Amazon.com: ASRock Motherboard ATX DDR3 1066 Intel LGA 2011 EP2C602-4L/D16: Computers & Accessories
- Samsung 128GB (16 x 8GB) 2Rx4 PC3-10600R M393B1K70CHD-CH9 PowerEdge R710 | eBay
- Cyber Range Build | Liberty
- Amazon.com: Cooler Master Hyper RR-T4-18PK-R1 CPU Cooler with 4 Direct Contact Heatpipes, INTEL/AMD with AM4 Support: Computers & Accessories
- Amazon.com: Cooler Master GeminII S524 Version 2 CPU Air Cooler with 5 Direct Contact Heat Pipes (RR-G5V2-20PK-R1): Computers & Accessories
- Amazon.com: Cooler Master Hyper 212 Evo (RR-212E-20PK-R2) CPU Cooler with PWM Fan, Four Direct Contact Heat Pipes: Electronics
- Amazon.com: Dell Precision T5500 Workstation Desktop PC Intel Xeon 12 Core 3.33GHz 72GB RAM 2TB Hard Drive NVIDIA Quadro K2000 Graphics Windows 10 Pro 64-bit: Computers & Accessories
- 128GB (16x 8GB) 10600R ECC REG RAM MEMORY FOR DELL HP SERVERS | eBay
- hardware - homelab
- buyingguide - homelab
- hardware/muffinsguide - homelab
VM's/Virtualization Stuff
Windows VMs
- Windows Server Free Trial | Microsoft
- Free Virtual Machines from IE8 to MS Edge - Microsoft Edge Development
- Windows 10 App Dev VM
Hyper-V
- Hyper-V Provider - Vagrant
- How to make a boot option to turn on/off hyper-v
- How to create a Linux virtual machine on Windows 10 using Hyper-V
- Installation Guide | Qubes OS
- Parrot Project - The best choice for security experts, developers and crypto-addicted people.
- Vagrant by HashiCorp
- ESXi | Bare Metal Hypervisor | VMware
- Using the VMware View Application - Like VMware Player on an Android Tablet!
- Building Virtual Machine… by Tony Robinson [PDF/iPad/Kindle]
- VMware Lab setup - A virtualized lab for testing HA and DRS - Simple Talk
- Open Source Server Virtualization Training for Proxmox VE
- Proxmox vs. ESXi : homelab
- "VMware Workstation and Device/Credential Guard are not compatible" error in VMware Workstation on Windows 10 host (2146361)
- Solved: Device/Credential Guard error on Window... |VMware Communities
- VMWare Workstation Slows Down When Saving State - VMware Technology Network VMTN
- VMware Workstation fix Chrome wheel scrolling
- Solved: Mouse wheel scrolling skips clicks - VMware Technology Network VMTN
- Kyle Cucci on Twitter: "In VMware Workstation, you can add "SMBIOS.reflectHost = “True” to your VMX file to hide the default hypervisor BIOS info from #malware. Anyone know how to do this in VirtualBox? 🧐" / Twitter
- Snapshots Take a Long Time When “Keep Memory” is Enabled (76687)
- Fix Slow VMWare Snapshots - Enable Background Snapshots
- Fix slow vmware Snapshots | VMWare Workstation 16 Pro taking a long time for s... - VMware Technology Network VMTN
- Creating a Red & Blue Team Homelab | hausec
- r/homelab
- How to Set up an SSH Server on a Home Computer - DEV Community 👩💻👨💻
- Know Your Network, Lesson 4: Access Your Home Computers from Anywhere
- How to Control Your Linux PC with an Android Device
- introduction - homelab
- Building a VMware home lab
- Setting Up A Penetration Testing Lab
- Infosec_Reference/Building A Pentest Lab
- Building a Home Lab for Offensive Security & Security Research · System Overlord
- Building-Your-Own-Kickass-Home-Lab-Jeff-McJunkin.pdf
- My semi-humble homelab! : homelab
- Stumbled into /r/homelab? Start Here! : homelab
- software - homelab
- List of Free Software network services and web applications which can be hosted locally. Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers.
- resources - homelab
- My actual "mini-lab" : homelab
- UniFi Home Setup - Page 4 - Ubiquiti Networks Community
- Saw this in /r/oddlysatisfying, thought some people here might find it useful : homelab
- E-Ink based status display : homelab
- Intel® Advanced Vector Extensions 512 (Intel® AVX-512) Overview
- Amazon.com: Intel Xeon Phi 7120P Coprocessor: Computers & Accessories
- How can I work on vulnhub VM's in virtualbox in a school setting? : netsecstudents
- 128GB (16x 8GB) 10600R ECC REG RAM MEMORY FOR DELL HP SERVERS | eBay
Cloud Stuff
AWS (Amazon Web Services)
- flAWS
- AWS in Plain English
- GitHub - toniblyx/my-arsenal-of-aws-security-tools: List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
- AWS Management Console
- https://interactive.linuxacademy.com/diagrams/TheOrionPapers.html
- AWS/Cloud training - learn.cantrill.io
- DigitalOcean
- Google Cloud Courses and Training | Google Cloud Training
Useful Tools, Tips & Tricks for OS's
Linux
Linux Fixes and Tweaks
Nvidia Graphics, Reboot Freeze, Purple/Black Screen Fix
- gnome - Freeze after login Ubuntu 18.04 - Ask Ubuntu
- Ubuntu 18.04 stuck at shutdown - Ask Ubuntu
- Ubuntu 18.04 Live boot leads to blank screen - Ask Ubuntu
- filesystem - How to fix "sudo: unable to open ... Read-only file system"? - Ask Ubuntu
- dual boot - Cannot update to 18.04 on DualBoot - "EFI System Partition (ESP) not usable" - Ask Ubuntu
- drivers - Is nomodeset still required? - Ask Ubuntu
- Ubuntu ugrade 17.10 to 18.04 nvidia black screen - Ask Ubuntu
- Bug #1705369 “Ubuntu 17.10/18.04 boots to black screen when usin...” : Bugs : nvidia-graphics-drivers-384 package : Ubuntu
- Bug #1764005 “Black-screen on boot with nvidia 390 for Budgie, M...” : Bugs : nvidia-prime package : Ubuntu
- Bug #1763774 “nvidia-driver-390 GDM black screen / hang after lo...” : Bugs : nvidia-graphics-drivers-390 package : Ubuntu
- Black screen after boot on 18.04 with nvidia - Support & Help Requests - Ubuntu MATE Community
- 2 Ways to Install Nvidia Driver on Ubuntu 18.04 (GUI & Command Line)
- Trying to install nvidia driver for ubuntu Desktop 18.04 LTS - Ask Ubuntu
- boot - Ubuntu 18.04 stuck at purple screen after login - Ask Ubuntu
- No GUI after Kubuntu 18.04 LTS upgrade from 17.10 - Ask Ubuntu
- NVIDIA Driver 384.59 Not Installing - Can't load nvidia-drm, can't open display - NVIDIA Developer Forums
Kali Things
- kali linux - VMware tools installed but not working - Unix & Linux Stack Exchange
- How to Reset Lost Password of Kali Linux? - Technig
- kali linux - proxy timeout, error - Unix & Linux Stack Exchange
Airplane mode fix
- Airplane mode stuck on??
- [ubuntu] Ubuntu 18.04 LTS remains in Airplane mode and WIFI not works
- Ubuntu 18.04 LTS remains in Airplane mode
- [SOLVED] Laptop stuck in airplane mode after suspend
- networking - Cannot disable Airplane Mode - Ask Ubuntu
- Newest 'airplane-mode' Questions - Ask Ubuntu
- How can I uninstall flight mode in Ubuntu 18.04 and turn on Wi-Fi? - Quora
- Airplane mode won't turn off [SOLVED] - Linux Mint Forums
- centos - Permanently disable airplane mode gnome 3.2 - Unix & Linux Stack Exchange
- 10.04 - Prevent wireless from turning off when lid goes down - Ask Ubuntu
- Keep Ubuntu 17.10 / 18.04 Desktop Running when Laptop Lid is Closed | Website for Students
- Ubuntu Wifi Hardware Disabled after Suspend : MSILaptops
- Wifi Hard Blocked After Suspend in Ubuntu on GS65 : Ubuntu
- wireless - Wifi Hard Blocked After Suspend in Ubuntu on GS65 - Ask Ubuntu
- Airplane mode on resume and no wireless · Issue #181 · linrunner/TLP
- linux - Lenovo E320 is in airplane mode, says toggle hardware switch, but has no hardware switch and WiFi is still hard locked - Super User
- Kernel/MainlineBuilds - Ubuntu Wiki
- MSI GS65 - ArchWiki
- wireless - How to know I have to blacklist acer_wmi? - Ask Ubuntu
- linux - How to turn off Wireless power management permanently - Unix & Linux Stack Exchange
- How to Update Ubuntu Kernel - wikiHow
- SOLUTION: 18.04 MSI GS65 wifi hardware switch disabled after suspend - Ask Ubuntu
Tweaks
- brndnmtthws/conky: Light-weight system monitor for X.
- Better audio for ubuntu
- 11 Things To Do After Installing Ubuntu 18.04 LTS 'Bionic Beaver' - OMG! Ubuntu!
- How to Install Desktop Themes on Ubuntu 18.04 LTS
- How To Install Numix Theme And Icons In Ubuntu 18.04 | Omgfoss.com
- 5 Of The Best Linux Desktop Themes Compared
- GitHub - arcticicestudio/nord: An arctic, north-bluish color palette.
- Where is the "Default Wallpaper" wallpaper stored - Ask Ubuntu
- gnome - Why aren't my pictures appearing in the "pictures" section of the change wallpapers window? - Ask Ubuntu
Sonos on Linux
- ability to stream output of a linux desktop to Sonos · Issue #60 · janbar/noson-app · GitHub
- noson-app: Control your SONOS devices on Linux platforms
- Delay YT Video
- Package Missing 1
- Package missing 2
- Package Missing 3
- Package Missing 4
- Package Missing 5
- mkchromecast: Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices
- Use your Chromecast from Linux and MacOS with mkchromecast — The Ultimate Linux Newbie Guide
- Mkchromecast
- How to stream from linux to Sonos | Sonos Community
- SonosTube
- networking - Wifi keeps dropping out - Ubuntu 20.04 and Broadcom wireless adaptor - Ask Ubuntu
- filesystem - How to make read-only file system writable?
- tor - how to verify that proxychains is working - Super User
- Inconsistent and erratic mouse wheel in Linux while moving the mouse pointer - Super User
- How can I adjust the mouse scroll speed? - Ask Ubuntu
- Generating a new SSH key and adding it to the ssh-agent - User Documentation
- [SOLVED] Error: Unable to correct problems, you have held broken packages
- Install VMware Workstation or VMware Player from a .bundle file | Linuxlookup
- Could not get vmci driver version: The handle i... |VMware Communities
- How to reinstall network manager without internet access? - Ask Ubuntu
- TLDR pages
- live usb - How to install the MPEG-4 AAC decoder and the H.264 decoder? - Ask Ubuntu
- Unable to forward search Bash history similarly as with CTRL-r - Stack Overflow
- How to cycle through reverse-i-search in BASH? - Unix & Linux Stack Exchange
- My Favorite Command-Line Shortcuts | Henrik Warne's blog
- How to Install Deepin Desktop Environment on Ubuntu 18.04 - OMG! Ubuntu!
- [ubuntu] How To: Setup DOD Common Access Card (CAC) for service portals
- Gnome Authentication Error When Logging in After Lock - Ask Fedora: Community Knowledge Base and Support Forum
- Is there any way to roll back the most recent upgrade? - Ask Ubuntu
- Bluetooth Headset volume too low (only in arch) / Multimedia and Games / Arch Linux Forums
- How to use manual partitioning during installation? - Ask Ubuntu
- Linux* Support for Intel® Wireless Adapters
- New to linux, need to find and install my wireless driver AC-8260 - Ask Ubuntu
- Making Ubuntu 18.04 work on MSI GS65 8RE - Carlos Rodriguez - Medium
- Gradle | Installation
Helpful Tools for Linux
Tmux
- A Gentle Introduction to tmux – Hacker Noon
- tmux/tmux: tmux source code
- Tmux not sourcing my .tmux.conf - Unix & Linux Stack Exchange
- Making tmux Pretty and Usable - A Guide to Customizing your tmux.conf
- tmux-plugins/tmux-logging: Easy logging and screen capturing for Tmux.
- tmux shortcuts & cheatsheet
- tmux cheatsheet
- Tmux Colors Not Working
- copy-paste w/ holding shift
- Using as
Other Linux Stuff
- Grep Stuff
- Process Killing
- Creating SSH keys - Atlassian Documentation
- [SOLVED] merge pdf files with each file as a index entry in the big pdf
- GouveaHeitor/nipe: Nipe is a script to make Tor Network your default gateway.
- ebooks - What software can I use to view epub documents? - Ask Ubuntu
- explainshell.com - match command-line arguments to their help text
- 20 Linux Command Tips and Tricks That Will Save You A Lot of Time - Tips and Tricks
- how to change hostname ubuntu - Google Search
- How to compress and extract files using tar command in Linux – Hostway Help Center
- Home | Linux Journey
- Rosetta Stone for Unix
- Courses - LPI Linux Essentials
- Table of contents - ArchWiki
- rsu-client/rsu-client: A git repository for the RuneScape Linux/Unix Client Project
- Linux Command Reference.pdf
- Filesystem Hierarchy Standard
- Quick Linux Hierarchy
- Read Comments on page! - Ubuntu installation on computers with Intel(R) RST enabled - Documentation - Ubuntu Community Hub
- Keyboard not working anymore with xfce4 [Archive] - Kali Linux Forums
- Installing VMware Tools (Guest Tools) | Kali Linux Documentation
- Linuxopsys on Twitter: "The Linux filesystem and directory structure explained 🐧↓" / Twitter
- 64 bit - How to run 32-bit app in Ubuntu 64-bit? - Ask Ubuntu
Windows
Windows Fixes and Tweaks
- How to make a bootable USB on Windows
- Rainmeter, desktop customization tool
- Touch Terminal. Months of work finally realized. Downloads and instructions in the comments : Rainmeter
- Win10 Widgets - Widgets for Windows 10
- Removing Debian Installation Prompt - Unix & Linux Stack Exchange
- How to Install and Use the Linux Bash Shell on Windows 10
- Items unpinned from taskbar are back after restart/sign out on Windows 10 - Super User
- Please enable the Virtual Machine Platform Windows feature and ensure virtualization is enabled in the BIOS. · Issue #5363 · microsoft/WSL
- Download Windows Commands Reference from Official Microsoft Download Center
- Extend volume is not enabled in Windows 11 - Microsoft Q&A
- How to Migrate Windows 10 to a New Hard Drive
- Chocolatey Software | Chocolatey - The package manager for Windows
- Originally set to 1 | Turn On or Off Hardware Accelerated GPU Scheduling in Windows 10
- AW3418DW - Force 16:9 Ratio? : ultrawidemasterrace
Android
- Fix Broken Bookmark Button on Android | Bookmark icon is missing in chrome android menu? - Google Account Community
- Dual Boot Windows 10 and Linux Ubuntu on Separate Hard Drives - Ask Ubuntu
- The fastest way to search your Chrome history or bookmarks - CNET
- how to close a tab in a browser and other things
- Windows Subsystem for Linux 2 (WSL 2) Released to Insiders
- The Windows Subsystem for Linux Guide! — Windows Subsystem for Linux Guide documentation
- Fix Clock Issue with Dual Boot | Why does dual-booting Windows and Ubuntu often cause the clocks on both operating to go out of sync? How can this be fixed? - Quora
Computer Engineering & Hardware Stuff
Computer Engineering Stuff
- Build an 8-bit computer | Ben Eater
- 8-bit computer update - YouTube
- Learning FPGA And Verilog A Beginner’s Guide Part 1 – Introduction | Numato Lab Help Center
- Mojo V3 | Alchitry
- Verilog | Alchitry
- Game for Hardware Design - Robot Odyssey Rewired
- Icarus Verilog
- GTKWave
- Reddit comment about FPGA
- What Every Programmer Should Know About Memory
- Embedded Security Collection of Resources
- Introduction | QEMU internals
- Hackaday | Fresh hacks every day
- Hardware Hacking for Software People | Don't Stuff Beans Up Your Nose
- Methodologies For Hacking Embedded Security Appliances
- bunnie's burrow
- bunnie's blog
- Changing your MAC address in Windows - inc0x0
- O.MG Cable
- Solder Skills Challenge - SMD Challenge from MakersBox on Tindie
- Hack Correlation
- 2021 Embedded Online Conference
- Logo to Company name - hardware RE
- rowhammer + side channel via OS-supported memory deduplication to get arbitrary read+write using javascript in a browser
- [1902.05178] Spectre is here to stay: An analysis of side-channels and speculative execution
- VoidStar Security Wiki | VSS Hardware Hacking Wiki and Blog Entries
Electrical Engineering and Physics Stuff
EE
- Semiconductor Physics for Solid State Electronics
- Electrical Engineering and Computer Science | MIT OpenCourseWare | Free Online Course Materials
- Electrical and Computer Engineering FE Exam Topics
- Study Guide for Fundamentals of Engineering (FE) Electrical & Computer CBT Exam: Practice over 500 solved problems with detailed solutions including Alternative-Item Types: Wasim Asghar PE: 9781985699717: Amazon.com: Books
- FE Electrical and Computer Practice Exam · Exam Prep · MyNCEES Account
- NCEES FE Reference Handbook V9.2
- Semiconductors and Intel - An Introduction
Physics
- The Feynman Lectures on Physics
- MITRE ATT&CK®
- D3FEND Matrix | MITRE D3FEND™